|
Downloads
|
|
Security vulnerabilities have been found in RealNetworks' RealPlayer and Apple Computer's QuickTime.
Both programs have security weaknesses which may allow someone to execute malicious code on a user's computer. Real Networks says an attacker could cause a heap corruption, which would allow code to be executed on a user's machine. The vulnerability is caused through a data-compression library within the RealPix component of the player. The security hole can be fixed by using an updated version of the data-compression library.
The following programs are affected by the hole: RealOne Player, RealOne Player v2 for Windows, RealPlayer 8 for Windows, RealPlayer 8 for Mac OS 9, RealOne Player for Mac OS X, RealOne Enterprise Desktop Manager and RealOne Enterprise Desktop .
Security firm iDefense claims Apple's QuickTime Player is vulnerable to a buffer overflow, but only when using the player on a Microsoft platform. A buffer overflow occurs when a program's memory is scrambled with a flood of information. Attackers can insert their own code or take over a machine by causing the overflow.
iDefense claims a URL containing 400 characters or more will cause a buffler overflow, allowing someone to take over a machine. QuickTime Player versions 5.x and 6.0 for Windows are said to be vulnerable to this exploit.
Apple recommends installing QuickTime 6.1 to overcome the problem.
© Friday, 4 April 2003 By Geoff Nicholson
*********************************
|
News
News & Updates
Privacy Policy & Disclaimer
Site Created, Designed & Maintained by Affordable Website Design
Clipart courtesy of
Fortunecity Free Gif Art Library | Jo's World | FeebleMinds | Music Graphics Galore
Remote Hosted Apps courtesy of Bravenet.com
|
_(2).gif)
