Multiple RealPlayer/RealOne Player Supported File Type Buffer Overrun Vulnerabilities

It has been reported that various RealPlayer/RealOne Player releases are prone to multiple exploitable stack and heap overrun vulnerabilities. This is due to insufficient bounds checking when handling malformed files of various supported file types. Exploitation would permit execution of arbitrary code in the context of the user invoking the vulnerable player.


 

Privacy Statement
Copyright 2010, SecurityFocus