Remote exploitation of a buffer overflow within RealNetworks' RealPlayer and HelixPlayer allows attackers to execute arbitrary code in the context of the user.
The issue specifically exists in the handling of HH:mm:ss.f time formats by the 'wallclock' functionality within the code supporting SMIL2. An excerpt from the code follows.
A successful exploit requires that an attacker lure a RealPlayer/HelixPlayer user to open a maliciously crafted SMIL file. This can be done by simply convincing the target to visit a malicious Web page.
iDefense said it confirmed the bug in version 10.5-GOLD of RealNetworks' RealPlayer and HelixPlayer. Older versions are assumed to be vulnerable.
The company confirmed that RealNetworks addressed this vulnerability by releasing fixed versions of their software.
RealNetworks has not provided iDefense with any links referring to updated packages or advisories. Installing the latest version from their web site will address the vulnerability.
To ensure your RealPlayer software is patched, use the Tools menu and select Check for Update.