Linux RealPlayer Critical Alert: Remote Code Execution Risk Identified

The Linux versions of RealNetworks' popular RealPlayer and Helix Player can be used by attackers to load malicious code onto systems, several security organizations reported Tuesday. Both RealPlayer 10.x and Helix 1.x sport a zero-day vulnerability that could let a hacker execute commands remotely once he'd convinced the user to open a malformed .rp (realpix) or .rt (realtext) file. RealPix and RealText files are image slideshow and text-based displays (such as a scrolling ticker-style message) played by RealPlayer and Helix.

The most likely scenario: enticing users to a malicious Web site where duplicitous .rp or .rt files are used. French security firm FrSIRT rates the Linux-only vulnerability as "critical" because exploit code has been published and a patch has not yet been posted by RealNetworks.

According to the researcher who discovered the vulnerability -- known only as "c0ntex" in the posting on the SecurityFocus mailing list -- RealNetworks was informed of the bug.

The link for this article located at Information Week is no longer available.