Newly found
Vulnerabilities 04/05/08:
RealPlayer Update Released
RealPlayer has released an update to address ActiveX
vulnerability. This vulnerability is due to improper handling of multiple properties
of the RealPlayer ActiveX control (rmoc3260.dll). Exploitation of this
vulnerability may allow a remote, unauthenticated attacker to execute arbitrary
code. At this time, we have seen reports of active exploitation of this
vulnerability.
We encourage users to do the following to help mitigate the risk:
Update
RealPlayer to protect
against known attack vectors.