Return to VNFAWING.com Website Return to Main Forum Index PageReturn to VNFAWING.com Website
:: Forum Index :: Zephyrnet Forums :: FAQ :: Search :: Memberlist :: Groups :: Register :: Profile :: Log in to check your private messages :: Log in ::
Exploit code targets RealPlayer, researchers warn

 
Post new topic   Reply to topic    VNFAWING.com Forum Index -> Internet, Hardware, Networking, & Security Forum
View previous topic :: View next topic  
Author Message
CAG Hotshot

Admin, Site Owner, Developer, Webmaster
 

Rank: Admin, Site Owner, Developer, Webmaster

Joined: 12 Aug 2004

Posts: 16082

Post subject: Exploit code targets RealPlayer, researchers warn Reply with quote
Quote:
Exploit code targets RealPlayer, researchers warn

The United States Computer Emergency Readiness Team (US-CERT) is warning of working exploit code targeting a zero-day flaw in the latest version of RealPlayer.

The flaw affects RealPlayer 11 build 6.0.14.748.

Evgeny Legerov, founder of Russian-based security firm, Gleg, announced a few details of the code. Legerov posted a brief announcement at the Dailydave security discussion board. In his post, Gleg links to a flash demonstration of the working code ( http://gleg.net/realplayer11.html ).

Gleg released the exploit code Dec. 16 to customers that license its periodic updates via its VulnDisco Step Ahead exploit packages. The packages are used with Immunity CANVAS testing software.

Seattle-based Real said it is working to determine the validity of the exploit code.

In October, Real released a patch for 10.5 and 11 beta to remove a security flaw attackers had actively targeted.

Media players are a constant target of attackers.

In late November, exploit code surfaced for a zero-day buffer-overflow flaw in Apple Inc.'s widely used QuickTime media player, giving attackers the opportunity to hijack vulnerable computers running Mac OS X and the latest versions of Microsoft Windows.

Also a serious glitch was discovered in November in how applications from a variety of vendors process audio FLAC files, opening the door for attackers to hijack vulnerable computer systems.

_________________
CAG Hotshot
"FAF Shape Meister"
Forum Administrator
FAF/FA-2 Design team
TSH Member/Developer

-------- __@
----- _`\<,_
---- (*)/ (*)
~~~~~~~~~~~~~~~~



PostThu Jan 3 14:55:45 2008
View user's profile Send private message Send e-mail Visit poster's website
Display posts from previous:   
Post new topic   Reply to topic    VNFAWING.com Forum Index -> Internet, Hardware, Networking, & Security Forum All times are GMT - 6 Hours
Page 1 of 1

 
Jump to:  
You cannot post new topics
You cannot reply to topics
You cannot edit your posts
You cannot delete your posts
You cannot vote in polls




VNFAWING Flight Sim Development Center,Inc. - VNFAWING.comô

Powered by phpBB © 2001 - phpBB Group