Information Security News mailing list archives
RealPlayer security fix is faulty
From: InfoSec News <isn () c4i org>
Date: Wed, 27 Nov 2002 02:36:41 -0600 (CST)
http://www.theregister.co.uk/content/55/28308.html By John Leyden Posted: 26/11/2002 at 17:49 GMT That nemesis of application security, the buffer overrun, has found its way into media players from RealNetworks. Three similar, though separate, flaws in RealPlayer (and its update RealOne) create a way for crackers to inject hostile code onto Windows boxes of victims induced to run maliciously constructed media files. In common with most buffer overflow flaws (which are typically attributable to programming errors), hostile code could execute in the security context of the logged-on user/victim. All three flaws were discovered by NGS Software. It notified RealNetworks of the problem on November 1, and the company followed up with an advisory and security fixes on November 20. Problem is - the fixes don't work. Mark Litchfield, of NGS Software, found that patches failed to address the problem. Oh dear. The risk is compounded by the fact that Litchfield, acting in good faith, posted a detailed advisory on security mailing after receiving patches from RealNetworks - but before testing them - so now information on the issue has spread across the Net. "The problem is still out there now," Litchfield told us this afternoon. "There's no working fix nor any workaround. My only suggestion would be not to use RealPlayer (if you were paranoid enough) until a working patch is available." According to RealNetworks, there are currently around 115 million users worldwide of RealOne/RealPlayer. All the more reason to fix the problem ASAP. - ISN is currently hosted by Attrition.org To unsubscribe email majordomo () attrition org with 'unsubscribe isn' in the BODY of the mail.
Current thread:
- RealPlayer security fix is faulty InfoSec News (Nov 27)