[funsec] Caught in a (Real) Security Bind
my.security.lists at gmail.com
Fri Feb 1 21:40:09 CST 2008
-----BEGIN PGP SIGNED MESSAGE-----
Paul Ferguson wrote:
| Via eWeek.
| RealNetworks finds itself at the mercy of an exploit writer who refuses to
| share details of a gaping hole in the widely deployed RealPlayer software.
| More than a month ago, on Dec. 16, 2007, a Russian security research firm
| released an exploit for a zero-day vulnerability in RealNetworks'
Maybe I'm naive...
How hard would it be for RealNetworks, to purchase a copy of the
software that has the exploit, reverse engineer it and then fix their
It screams to me to make sense this way...am I missing something here?
| _ |
| ASCII ribbon campaign ( ) |
| - against HTML email X |
| / \ |
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.8 (MingW32)
-----END PGP SIGNATURE-----
More information about the funsec