If you use the RealPlayer on Internet Explorer, watch out. Researcher Elazar Broad has posted to the Full Disclosure mailing list a so-called heap overflow vulnerability that makes it possible for an attacker to modify heap blocks after they are freed and overwrite certain registers. This could allow code execution on a compromised machine. The vulnerability affects all versions of RealPlayer running under Internet Explorer.
Exploit code for this flaw has not yet been made public.
Without a patch from RealPlayer, security experts recommend disabling the killbit for the following ActiveX ClassIDs:
* 2F542A2E-EDC9-4BF7-8CB1-87C9919F7F93
* CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA
Please note that disabling the killbits above will also remove some functionality within the player.
To avoid the loss of functionality, security experts recommend using RealPlayer in a browser that doesn't support ActiveX, such as Mozilla Firefox.
Exploit code for this flaw has not yet been made public.
Without a patch from RealPlayer, security experts recommend disabling the killbit for the following ActiveX ClassIDs:
* 2F542A2E-EDC9-4BF7-8CB1-87C9919F7F93
* CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA
Please note that disabling the killbits above will also remove some functionality within the player.
To avoid the loss of functionality, security experts recommend using RealPlayer in a browser that doesn't support ActiveX, such as Mozilla Firefox.
No comments:
Post a Comment