小心! Realplayer 都出現安全問題, 可以全面控制你的電腦!

RealNetworks Inc. has recently been made aware of security vulnerabilities that could potentially allow an attacker to run arbitrary or malicious code on a user's machine. While we have not received reports of anyone actually being attacked with this exploit, all security vulnerabilities are taken very seriously by RealNetworks Inc. Real has found and fixed the problem.

The specific exploits were:

Exploit 1: To fashion an RM file which corrupts the Player when run from a local drive and which might allow an attacker to execute arbitrary code on a user's machine.

Exploit 2: To fashion a web page with malformed calls, corrupting the embedded Player, and which might allow an attacker to execute arbitrary code on a user's machine.

Exploit 3: To fashion a web page and a media file to allow deletion of a file in a path known to the attacker.

http://service.real.com/help/faq/security/040928_player/EN/