ZDNet UK
RealPlayer and QuickTime flaws could let hackers in

Sandeep Junnarkar CNET News.com

Published: 02 Apr 2003 16:06 BST


Just as streaming video and audio are hitting the mainstream, researchers have sounded the alarm over serious security holes in two popular digital media players.

The vulnerabilities have cropped up in RealNetworks' RealOne and Apple Computer's QuickTime. While unrelated, both vulnerabilities could allow an intruder to execute damaging arbitrary code on a victim's computer.

Security experts are increasingly concerned about hackers exploiting digital media players, which are designed to accept Web addresses and scripts -- a key route for self-propagating, hostile code.

The current vulnerabilities come at a time when streaming content has gained momentum, providing news and entertainment to a growing number of people accessing the Internet via broadband connections.

RealNetworks has issued an advisory, warning that by creating a specifically corrupted Portable Network Graphics file, an attacker could cause "heap corruption". Doing so would allow the attacker to execute code on the victim's machine. The flaw lies in an older version of a data-compression library used by the RealPix component of the player. The company said it has fixed the vulnerability by switching to an updated version of the data-compression library.

RealNetworks said it had not received any reports of anyone's computer actually being attacked via this exploit.

The vulnerability affected the following popular versions of its digital media players: RealOne Player, RealOne Player v2 for Windows, RealPlayer 8 for Windows, RealPlayer 8 for Mac OS 9, RealOne Player for Mac OS X, RealOne Enterprise Desktop Manager and RealOne Enterprise Desktop.

Helix DNA Client was not affected, RealNetworks noted.

Meanwhile, security firm iDefense warned this week that it has discovered an exploitable buffer overflow vulnerability in Apple's QuickTime Player that could affect computers with Microsoft's Windows but not those with Apple's Macintosh OS.

Buffer overflows occur when an application writes more data into a fixed-size area of memory than that area can hold, so the excess spills over and overwrites adjacent memory. By causing a buffer overflow, attackers can insert their own code into the execution of the application.

In this case, a URL containing 400 characters will overrun the allocated space on the system, allowing the attacker to assume control of the system, iDefense said. All the attacker needs to do is to convince a Web surfer to click on a specially crafted URL.
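As an added illustration (not code from the article, from Apple or from iDefense), here is a toy URL handler in C in the shape of the flaw described: a fixed-size buffer filled by an unbounded copy, beside a version that checks the length before copying. The buffer size, the function names and the scratch-space limit are assumptions.

```c
#define _POSIX_C_SOURCE 200809L
#include <stdio.h>
#include <string.h>

/* Hypothetical fixed allocation for the handler's URL copy (assumption). */
#define URL_BUF_SIZE 256

/* Vulnerable pattern: strcpy copies until the source's terminator, so a
 * URL longer than URL_BUF_SIZE - 1 bytes writes past the end of buf and
 * corrupts adjacent stack memory (undefined behaviour). It is here only
 * to show the shape of the bug; the hardened handler below is the fix. */
int handle_url_unsafe(const char *url) {
    char buf[URL_BUF_SIZE];
    strcpy(buf, url);              /* no bounds check */
    return (int)strlen(buf);
}

/* Hardened version: measure the input with a bound first, reject anything
 * that would not fit with its terminator, then copy an explicit length.
 * Returns the copied length, or -1 for rejected input. */
int handle_url_safe(const char *url) {
    char buf[URL_BUF_SIZE];
    size_t n = strnlen(url, URL_BUF_SIZE);
    if (n >= URL_BUF_SIZE)
        return -1;                 /* over-long: refuse instead of overrun */
    memcpy(buf, url, n + 1);       /* n + 1 includes the terminator */
    return (int)n;
}

/* Constructs a URL of exactly `len` bytes ("http://" then 'a's) and feeds
 * it to the hardened handler, so a caller can probe the length boundary.
 * Returns -2 if len exceeds the constructed scratch space. */
int probe_safe_handler(size_t len) {
    char url[1024];
    if (len >= sizeof url)
        return -2;
    size_t prefix = len < 7 ? len : 7;
    memcpy(url, "http://", prefix);
    memset(url + prefix, 'a', len - prefix);
    url[len] = '\0';
    return handle_url_safe(url);
}

int main(void) {
    /* A 255-byte URL fits; the article's 400-character case is refused. */
    printf("255 bytes -> %d\n", probe_safe_handler(255));
    printf("400 bytes -> %d\n", probe_safe_handler(400));
    return 0;
}
```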

iDefense said that QuickTime Player versions 5.x and 6.0 for Windows are vulnerable. The workaround suggested by iDefense is to remove the QuickTime handler from the Web browser or remove the registry key (HKEY_CLASSES_ROOT/quicktime).

Another option is to download Apple's QuickTime 6.1, which addresses this vulnerability, according to iDefense.
