Menu
RealPlayer, Helix Player vulnerable to attack

RealPlayer, Helix Player vulnerable to attack

Updates are now available that fix critical vulnerabilities in RealPlayer and Helix Player, two versions of a popular multimedia player.

Users are being advised to upgrade to newer versions of the RealPlayer and Helix Player multimedia products because of a critical security flaw.

The flaw could allow an attacker to gain control over a user's PC using a buffer overflow vulnerability, a memory problem that can allow unauthorized code to run on a machine, according to iDefense Inc.

The vulnerability was discovered last October but publicly disclosed Tuesday on iDefense's Web site.

Affected versions of the software include the 10.5 "gold" RealPlayer and any 1.x version of Helix Player, according to the French Security Incident Response Team (FrSIRT).

FrSIRT categorised the problems as "critical," adding that a denial-of-service attack is also possible.

RealPlayer users should receive notification of a "critical update," advising them to upgrade to the beta version of a new release, version 11, said Lewis Webb [cq], a spokesman for RealNetworks Inc.. The new version can be downloaded from the RealPlayer Web site, although the site does not mention the security problem.

Current versions of Helix Player, an open-source version of RealPlayer, are available on its developer Web site, at https://player.helixcommunity.org/2005/downloads/

For a successful attack, a user would have to be tricked into downloading from a Web site a malicious SMIL (synchronised multimedia integration language) file, a format used in rendering media, iDefense said.


Follow Us

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Featured

Slideshows

Meet the Reseller News 30 Under 30 Tech Awards 2020 winners

Meet the Reseller News 30 Under 30 Tech Awards 2020 winners

This year’s Reseller News 30 Under 30 Tech Awards were held as an integral part of the first entirely virtual Emerging Leaders​ forum, an annual event dedicated to identifying, educating and showcasing the New Zealand technology market’s rising stars. The 30 Under 30 Tech Awards 2020 recognised the outstanding achievements and business excellence of 30 talented individuals​, across both young leaders and those just starting out. In this slideshow, Reseller News honours this year's winners and captures their thoughts about how their ideas of leadership have changed over time.​

Meet the Reseller News 30 Under 30 Tech Awards 2020 winners
Reseller News Exchange Auckland: Beyond the myths — how partners can master cloud security

Reseller News Exchange Auckland: Beyond the myths — how partners can master cloud security

This exclusive Reseller News Exchange event in Auckland explored the challenges facing the partner community on the cloud security frontier, as well as market trends, customer priorities and how the channel can capitalise on the opportunities available. In association with Arrow, Bitdefender, Exclusive Networks, Fortinet and Palo Alto Networks. Photos by Gino Demeer.

Reseller News Exchange Auckland: Beyond the myths — how partners can master cloud security
Reseller News welcomes industry figures at 2020 Hall of Fame lunch

Reseller News welcomes industry figures at 2020 Hall of Fame lunch

Reseller News welcomed 2019 inductees - Leanne Buer, Ross Jenkins and Terry Dunn - to the fourth running of the Reseller News Hall of Fame lunch, held at the French Cafe in Auckland. The inductees discussed the changing face of the IT channel ecosystem in New Zealand and what it means to be a Reseller News Hall of Fame inductee. Photos by Gino Demeer.

Reseller News welcomes industry figures at 2020 Hall of Fame lunch
Show Comments