RealPlayer Buffer Overflow allows crashing or takeovers by hackers
Source: Security Tracker
A buffer overflow vulnerability was reported in the RealPlayer client software. A remote user can create a specially crafted media stream that will cause the RealPlayer to crash. It is reported that crashes can be achieved in multiple versions of the Real Media file format including the G2 format and older formats.
RealPlayer reportedly trusts a null terminated user-supplied value that specifies the length of various fields of the format. A remote user can create a media format that sets the two byte string length indicator for certain fields to the string '0xFFFF' to cause the player to crash. A remote user may be able to cause arbitrary code to be executed by the RealPlayer (but this has not been confirmed).....