The RealPlayer and HelixPlayer users may be easely attacked by persons who exploit this flaw. The exploit code is now available on the Internet so the risk is very high.

This flaw occurs only on the Linux and Unix platforms. Windows and Mac users are not affected.

The programs run into a format string error when trying to parse a specially created RealPix or RealText document. The full system control can be taken if someone knows how to exploit this problem.

This threat was labeled “critical” by the specialists from Secunia and The French Security Incident Response Team who also warned: “To exploit this remotely, a user just needs to place the created file on a web site and provide a link so users can click the file, launching RealPlayer and inevitably exploiting the vulnerability”

All users are advised not to open RealMedia files from non-trusted sites until a fix is provided.