Security company eEye discovered multiple vulnerabilities in RealPlayer and RealOne Player, which could be exploited by remote attackers to execute arbitrary commands.
The first issue is due to a stack overflow error when processing a malformed data packet contained in a Real Media file, which could be exploited by remote attackers to compromise a vulnerable system by convincing a user to visit a malicious Web page hosting a specially crafted “.rm” file.
The second vulnerability is due to a heap overflow error in the “DUNZIP32.DLL” library that does not properly handle a malformed RealPlayer skin file, which could be exploited by attackers to execute arbitrary commands by tricking a user into visiting a malicious Web page hosting a specially crafted “.rjs” file.
The third flaw is due to an unspecified stack overflow error when processing malicious skin files, which could be exploited by remote attackers to compromise a vulnerable system.
Security website FrSIRT rates these vulnerabilities as critical (4/4).
RealNetworks has released a patch for these vulnerabilities. The patch is available via the “Check for Update” menu item under Tools on the RealPlayer menu bar or from http://service.real.com/realplayer/security/.