RealPlayer flaws open PCs up to hijackers

By Robert Lemos 
Staff Writer, CNET News.com
 
RealNetworks acknowledged on Wednesday that three flaws affecting different versions of its media player could allow attackers to create corrupt music or video files that, when played, take control of a victim's PC. The flaws, found by U.K.-based Next-Generation Security Software, can affect RealNetworks' RealOne Player, RealOne Player version 2, RealPlayer 8, RealPlayer 10 Beta, and the company's RealOne Enterprise products. To exploit them, an attacker crafts the data in a media file in a certain way. When people play or stream the corrupted file in a vulnerable version of RealPlayer, the attacker's code will run, compromising the PC. 

"By forcing a browser to a Web site containing such a file, code could be executed on the target machine running in the context of the logged-on user," stated an advisory posted by NGSSoftware.

The vulnerabilities may affect a large portion of the 350 million unique registered users of the media player software, but RealNetworks wouldn't say how many of those people use the vulnerable versions.

"We haven't had any reports of anyone having any issues," Erika Shaffer, a spokeswoman for the Seattle multimedia company, said on Thursday. "However, we take security very seriously and so wanted to get these fixes out."

The flaw can be exploited using a specially crafted media file, which can be one of five types: RealAudio (RAM) file, RealAudio Plugin (RPM) file, RealPix (RP) file, RealText (RT) file or synchronized multimedia integration language (SMIL) file.

Security vulnerabilities that can be exploited through playing a media file have been rare. Last May, a flaw in the way that Microsoft's Windows Media Player handled "skins," or interface colors and motifs, led the software giant to release a patch for that application.

RealNetworks has posted instructions on its Web site for people to update their RealPlayer software.