Buffer Overflows Patched in RealPlayer
June 14, 2004
By Ryan Naraine

A buffer overflow vulnerability in RealNetworks' flagship RealPlayer software could put millions of users at risk of PC takeover, the company warned in an advisory.

The flaw, which carries a "high risk" rating, affects the RealOne Player, RealOne Player v2, RealPlayer 10, RealPlayer 8 and RealPlayer Enterprise.

eEye Digital Security, the company that discovered and reported the vulnerability to RealNetworks, said a remote attacker could overwrite heap memory with arbitrary data and execute malicious code via the digital media player.

"This specific flaw exists within the 'embd3260.dll' file used by RealPlayer. By specially crafting a malformed movie file along with an HTML file, a direct heap overwrite is triggered, and reliable code execution is then possible," eEye said in an alert.

The company also warned of a RealPlayer boundary error when parsing URLs that can be exploited to cause a buffer overflow via a RAM file containing a specially crafted URL with a large number of period characters (".").

In a separate advisory, RealNetworks confirmed the existence of the security hole and released a patch to protect customers.

Buffer overflow attacks are a common technique used by malicious hackers to hijack vulnerable systems. A buffer overflow (or buffer overrun) occurs when data transferred to a buffer exceeds the buffer's storage capacity and some of the data "overflows" into another buffer, one that was never intended to hold it.

Security consultants iDEFENSE also issued a related RealPlayer advisory with a warning that an attacker could place a .RAM file (RealPlayer Presentation) containing a maliciously constructed URL on a Web server and send an e-mail to the target with a link containing the file.
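The delivery path iDEFENSE describes, and the period-heavy URL eEye describes, can be screened for at a mail or web gateway before a .RAM file reaches the player. The following is an added example, not code from RealNetworks, eEye or iDEFENSE; it assumes a .RAM file is a plain-text list of URLs, one per line, and the function name and thresholds are hypothetical because the advisories give no exact figures.

```python
import re

# Assumed triage thresholds: the advisories give no exact counts, so tune
# these against the legitimate .ram files seen in your own environment.
MAX_PERIODS = 16       # total '.' characters in one URL entry
MAX_PERIOD_RUN = 3     # longest run of consecutive '.' characters
MAX_ENTRY_LEN = 512    # bytes in one URL entry


def triage_ram(data: bytes):
    """Return a list of (line_no, reasons) for suspicious entries in a RAM metafile."""
    findings = []
    # Work on bytes: a hostile file need not be valid text in any encoding.
    for line_no, raw in enumerate(re.split(rb"\r\n|\r|\n", data), start=1):
        entry = raw.strip()
        if not entry:
            continue
        reasons = []
        periods = entry.count(b".")
        longest_run = max((len(m) for m in re.findall(rb"\.+", entry)), default=0)
        if periods > MAX_PERIODS:
            reasons.append(f"{periods} period characters")
        if longest_run > MAX_PERIOD_RUN:
            reasons.append(f"run of {longest_run} consecutive periods")
        if len(entry) > MAX_ENTRY_LEN:
            reasons.append(f"entry is {len(entry)} bytes long")
        if reasons:
            findings.append((line_no, reasons))
    return findings


# Constructed sample input, not taken from any real exploit or advisory.
SAMPLE = (
    b"rtsp://media.example.com/clips/intro.rm\r\n"
    b"\r\n"
    b"http://media.example.com/" + b"." * 40 + b"/clip.rm\r\n"
)

if __name__ == "__main__":
    for line_no, reasons in triage_ram(SAMPLE):
        print(f"line {line_no}: " + "; ".join(reasons))
```

A check like this only quarantines files for review; installing the RealNetworks patch remains the fix.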

The security warnings come at a crucial time for RealNetworks, which competes directly with Microsoft and Apple Computer for customers in the digital media delivery market.

Earlier this year, U.K.-based NGS Software warned of a potentially critical RealPlayer flaw that could allow malicious hackers to hijack vulnerable computers.

That flaw carried a "highly critical" rating.

This article was first published on
