RealNetworks, Inc. Releases Update to Address Security Vulnerabilities.
Updated December 14, 2012
RealNetworks is making available product upgrades that contain security bug fixes. We have received no reports of any machines actually being compromised as a result of the now-remedied vulnerabilities.
RealNetworks always recommends upgrading your product to the most current version available to avoid security vulnerabilities.
Current
Software
The
current versions of our Player software are not affected by these
vulnerabilities.
|
Software |
Affected? |
Operating
System |
Language |
|
RealPlayer 16.0.0.282 |
No |
Windows XP, Vista, Win7, Win8 |
All Supported |
|
Mac RealPlayer 12.0.1.1738 |
No |
Mac OS X 10.3 – 10.8.2 |
All Supported |
Affected
Software
The
table below contains a summary of which previous and current versions of the
RealPlayer software are susceptible to these vulnerabilities. The columns and
cells in green are the versions of each product where the issue has been
resolved.
|
CVE
Number |
RealPlayer |
RealPlayer SP 1.0
– 1.1.5 |
RealPlayer 14.0.0
– 15.0.6.14 |
RealPlayer 16.0.0.282
|
|
Mac RealPlayer 12.0.0.1701 |
Mac RealPlayer 12.0.1.1738 |
|
CVE-2012-5690 |
X |
X |
X |
|
|||
|
CVE-2012-5691 |
X |
X |
X |
CVE Descriptions
CVE-2012-5690
RealPlayer - RealAudio Invalid pointer vulnerability
Affected software: Windows RealPlayer 15.0.6.14 and prior.
Credit to Senator of Pirates for reporting this issue.
CVE-2012-5691
RealPlayer - Buffer overflow with RealMedia files vulnerability
Affected software: Windows RealPlayer 15.0.6.14 and prior.
Credit to Suto for reporting this issue.
Warranty:
RealNetworks Inc. endeavors to provide you with the highest quality products and services, but cannot guarantee, and does not warrant, that the operation of any RealNetworks product will be error-free, uninterrupted or secure. Please see your original license agreement for details of our limited warranty or warranty disclaimer.