Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: Realplayer Vulnerability - Internet Security | DShield SANS ISC InfoSec Forums


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Realplayer Vulnerability

Good morning everyone,

Earlier this week, Evgeny Legerov reported a vulnerability involving Real Player which could allow an attacker to execute code on victim computers. At this moment in time, there is no patch or other work around for this vulnerability though I would expect that limiting end-user privileges would limit the potential risk.

Until an update is available, I recommend that you limit viewing multimedia content using Real Player.  It would be worthwhile to plan to add this future update into the mix with any operating system updates which are scheduled to be released soon.

For more information on this vulnerability, please see:

http://secunia.com/advisories/28276/
http://www.frsirt.com/english/advisories/2008/0016

ScottF

188 Posts
ISC Handler

Sign Up for Free or Log In to start participating in the conversation!