ITS Homepage Click here for text version of ITS homepage
Contact UAlbany Directories Calendars & Schedules Visitors Site Index Search
Admissions Academics Research IT Services Libraries Athletics
alerts_tag
*UNPATCHED* Vulnerability for RealPlayer


ALARM Group ALERT - click for a description of ALARM, The Computing Alert System


Alert Number:  010408-01
Alert Date:  01/04/08
Alert Title:  *UNPATCHED* Vulnerability for RealPlayer
Update-to:  None
OS/Platform/Application:  RealPlayer 11.x (on all platforms)
Category:  ALERT
Severity:  HIGH
Attention:  System Administrators, Desktop Support Personnel, RealPlayer users.

Summary:  Numerous Internet Security-related agencies are reporting the existence of a "highly critical" vulnerability in RealPlayer that (if exploited) could result in execution of arbitrary code.  The most likely vector of exploit is the viewing of a maliciously-crafted website or media file.  At the time of this writing, no patch has been provided by the Vendor to address this problem.

Recommended Actions:   System Administrators/users are encouraged to read the security bulletins pertaining to this vulnerability (safe links provided below) and to use extreme caution in using RealPlayer until a patch has been released to address this issue. 

Readers are encouraged to share this alert with family, friends, and associates who may use RealPlayer on their home PCs.

ITS Actions:  N/A

Resources: SANS Advisory:
http://isc.sans.org/diary.html?storyid=3810

Secuina Advisory:
http://secunia.com/advisories/28276/
 

BLANKABCDEFGHIJKLMBLANK
BLANKNOPQRSTUVWXYZBLANK
CHOOSE FROM the ITS Site Index

GO TO an ITS Group

Information Technology Services
University at Albany, SUNY
1400 Washington Avenue
Albany, NY 12222
ITS Service Centers:  518-442-4000
  		University at Albany Home Page
Contact UAlbany | Directories | Calendars | Visitors | Site Index | Search
Admissions | Academics | Research | IT Services | Libraries | Athletics
Internet Privacy Policy              IT Policies