Find the answer to your Linux question:
Results 1 to 5 of 5
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1
    Linux Newbie
    Join Date
    Apr 2004
    Looe, Cornwall UK

    realplayer for linux is vunerable?

    Quote Originally Posted by my email
    RealPlayer vulnerability: The digital security website eEye released an advisory Friday that says that a wide range of RealPlayer media players have security flaws that not only affect computers with Microsoft operating systems, but those with Linux and Macintosh operating systems as well. According to eEye, the "vulnerability allows a remote attacker to reliably overwrite heap memory with arbitrary data and execute arbitrary code in the context of the user who executed the player." A patch is expected in a couple of weeks.
    execute arbitary code? don't you need to be root to do that?

    Cry out for freedom! Cry out for Linux!

  2. #2
    Linux Guru lakerdonald's Avatar
    Join Date
    Jun 2004
    St. Petersburg, FL
    maybe it only affects morons who run everything as root. lol
    actually i used to be one of those morons... heh

  3. #3
    Linux Guru
    Join Date
    Mar 2003
    Any user could execute "arbitrary code", but only root has the potential to execute arbitrary code that could have devistating consequences.

    Still, that's pretty freaking scary. Think it affects Helix Player, too?
    Registered Linux user #346571
    "All The Dude ever wanted was his rug back" - The Dude

  4. $spacer_open
  5. #4
    Linux Enthusiast scientica's Avatar
    Join Date
    Sep 2003
    South- or "Mid-" Sweden
    "A patch is expected in a couple of weeks."

    well, you don't need to be root to have bastards running code for you that will "rm -fr ~" :/ But, who uses realplayer anyway, ne? :P
    Regards Scienitca (registered user #335819 - )
    A master is nothing more than a student who knows something of which he can teach to other students.

  6. #5
    Linux Guru techieMoe's Avatar
    Join Date
    Aug 2004
    Yeah, this is yet another case of "doesn't affect me, I don't use the software". Whenever some "news" organization makes broad sweeping claims like "LINUX VIRUS FOUND!!!" I just have to laugh. Nine times out of ten it's a problem with some obscure program or library that I have never and will never use. I've never liked Real products.
    Registered Linux user #270181

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts