Plug-in flaw leaves RealPlayer users open to attack
RealNetworks has issued a patch for a security flaw in one of its plug-ins that could let an attacker gain control of computers running any of several versions of the company's popular media player software.
The problem involves a buffer overflow that affects the R3T media plug-in. For people who download the plug-in and use RealPlayer 8, RealOne Player, RealOne Player v2 for Windows, RealPlayer 10 Beta (English only) or RealPlayer Enterprise, their computer can be overpowered by an attacker, who can then insert surreptitious code and use it to execute other actions.
By Michael Kanellos at CNET.
[ Read more ]