Customer Support
International Downloads Documentation Real.com RealNetworks.com

Security Patch Update For Realplayer Enterprise

Updated April 19, 2005

RealNetworks, Inc. has addressed recently discovered security vulnerabilities that offered the potential for an attacker to run arbitrary or malicious code on a customer's machine. RealNetworks has received no reports of machines compromised as a result of the now-remedied vulnerabilities. RealNetworks takes all security vulnerabilities very seriously.

The specific exploit was:

To fashion a malicious RAM file to cause a buffer overflow which could have allowed an attacker to execute arbitrary code on a customer's machine.

Impacted Products and Versions:
This affects versions 1.1, 1.2, 1.5, 1.6 and 1.7 of RealPlayer Enterprise (standalone and as configured by the RealPlayer Enterprise Manager).

Workaround
To ensure that your Player is protected, we recommend installing the available updates.

UPDATES

Windows Players:

RealPlayer Enterprise Solution:
Updated .DLL that addresses security vulnerability in previously installed RPEM / RDM: pnen3260.dll

Copy this file into the \Program Files\Common\Real\Common directory of an existing RPEM/RDM install.

Please click here to get the updated .DLL for your RealPlayer Enterprise.

You PAM site will contain a complete / updated copy of RPEM / RDM.

WARRANTY:

While RealNetworks endeavors to provide you with the highest quality products and services, we cannot guarantee and do not warrant that the operation of any RealNetworks product will be error-free, uninterrupted or secure. See your original license agreement for details of our limited warranty or warranty disclaimer.