In association with heise online

10 March 2008, 12:00

Security vulnerability in RealPlayer ActiveX

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

Security researcher Elazar Broad has discovered a vulnerability in an ActiveX control in RealPlayer, which at least crashes the user's browser and may also allow execution of injected malicious code. For this to occur, users must visit crafted web pages in Internet Explorer.

The bug in the rmoc3260.dll ActiveX component apparently allows attackers to overwrite memory blocks on the heap after they have been freed, and to modify certain registers. According to the advisory, Broad is currently working on a demo.

The bug affects version of rmoc3260.dll. According to Broad, Real has not yet released an update to fix the vulnerability. He therefore recommends deactivating the control by setting the kill bit for the ClassIDs {2F542A2E-EDC9-4BF7-8CB1-87C9919F7F93} and {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA}. Microsoft has a knowledge base article which explains how to set a kill bit.

See also:


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit