A vulnerability has been reported in Realplayer Enterprise, which can be exploited by malicious people to compromise a user's system.
The vulnerability is caused due to a boundary error in pnen3260.dll when processing RAM files and can be exploited to cause a buffer overflow via a specially crafted RAM file.
Successful exploitation allows execution of arbitrary code.
The vulnerability affects versions 1.1, 1.2, 1.5, 1.6, and 1.7.
SOFTWARE:
RealPlayer Enterprise 1.x
SOLUTION:
Install updated version of pnen3260.dll:
http://docs.real.com/docs/pnen3260.dll
PROVIDED AND/OR DISCOVERED BY:
Reported by vendor.
ORIGINAL ADVISORY:
RealNetworks:
http://www.service.real.com/help/faq/security/security041905.html
VERIFY ADVISORY:
http://secunia.com/advisories/15023/
Secunia Security Advisories
http://community.securityteam.us/article.php/20050423230415742