SUSE Security Announcement - Various security problems were found in RealPlayer that allow a remote attacker to execute code in the local player by providing handcrafted files.
75d770e58d6f7a947862e78ef943044638179e7fd06c63ce9d72cb35e4a4905a
iDEFENSE Security Advisory 06.23.05-5 - Remote exploitation of a heap-based buffer overflow vulnerability in the RealText file format parser within various versions of RealNetworks Inc.'s RealPlayer could allow attackers to execute arbitrary code. The vulnerability specifically exists because of a string copying operating into a fixed size heap buffer using the sprintf function. iDEFENSE Labs has confirmed that RealNetworks' RealPlayer 10.5 6.0.12.1056 on Windows and RealPlayer 10 and 10.0.1.436 on Linux are vulnerable.
df026c704e3ad34d1768b14092ad473096836595c1ffcde9e7933fe03348e7d9