RealPlayer Heap Corruption Error in 'vidplin.dll' Lets Remote Users Execute Arbitrary Code.
RealPlayer 14.0.1 and prior versions
A vulnerability was reported in RealPlayer. A remote user can cause arbitrary code to be executed on the target user's system.
A remote user can create a specially crafted AVI file that, when loaded by the target user, will trigger a heap corruption error in 'vidplin.dll' and execute arbitrary code on the target system. The code will run with the privileges of the target user.
Affected software: Windows RealPlayer 14.0.1 and prior
RealNetworks always recommends upgrading your product to the most current version available to avoid security vulnerabilities. RealNetworks is making available product upgrades that contain security bug fixes.