Potential RealPlayer 8 Vulnerability

From: Dave Cotter (dcotter@real.com)
Date: 01/25/02


Date: Thu, 24 Jan 2002 23:04:08 -0800
To: BUGTRAQ@SECURITYFOCUS.COM
From: Dave Cotter <dcotter@real.com>


On January 17th, 2002, a security exploit affecting RealPlayer 8 was
brought to the attention of RealNetworks. The specific exploit, commonly
known as a "buffer overrun", could allow an attacker to run arbitrary code
on a victim's machine.

We have not yet received reports of anyone actually being attacked with
this exploit; however, a fix will be made available by end of day Friday
via the RealPlayer AutoUpdate Service, and for Enterprise RealPlayer users
at: http://www.service.real.com/help/faq/security/index.html.

RealNetworks would like to thank Tim Morgan for reporting this issue to us
and working with us to protect customers from unauthorized access to
sensitive or proprietary information.