Real Advisory

DATE: March 22, 2006

CONFIRM: http://www.service.real.com/realplayer/security/03162006_player/en/

Vulnerability Details:

* Vulnerability 1: The identified vulnerability could theoretically allow execution of a program on the local machine that was placed in the path of RealPlayer by a previous separate attack. CAN-2005-2936
* Vulnerability 2: The identified vulnerability is a malicious swf file (flash media) which could cause a buffer overrun on a customer's machine. CVE-2006-0323