iDefense Security Advisory 12.10.10 - Remote exploitation of a memory corruption vulnerability in RealNetworks, Inc.'s RealPlayer media player could allow attackers to execute arbitrary code in the context of the targeted user. The vulnerability specifically exists in the way RealPlayer handles specially crafted RealMedia files using RealAudio codec. When decoding an audio stream in a specially crafted RealMedia file, RealPlayer uses a value from the file without properly validating it, which leads to heap memory corruption and an exploitable condition. Windows RealPlayer SP 1.1.4 and prior; Mac RealPlayer 12.0.0.1379 and prior; Linux RealPlayer 11.0.2.1744 and prior are vulnerable.
3bf984d7fcb4905c07c4994599b83c41faf195b7ea7bcd93d290c1dabb9864fd