April 21, 2005

Information Security Advisory

Two vulnerabilities today!

1- RealPlayer has been found to contain a buffer overflow vulnerability, allowing for system compromise.

RealPlayer Enterprise Buffer Overflow in 'pnen3260.dll' Lets Remote Users Execute Arbitrary Code - Apr 21, 2005

This affects versions 1.1, 1.2, 1.5, 1.6 and 1.7 of RealPlayer Enterprise (standalone and as configured by the RealPlayer Enterprise Manager).

Solution available at http://www.service.real.com/help/faq/security/security041905.html

2- An insecure file permissions vulnerability has been disclosed in McAfee Internet Security 2005, allowing for privilege escalation or the disablement of the product.

Description: A security issue has been reported in McAfee Internet Security Suite 2005, which can be exploited by malicious, local users to gain escalated privileges. The problem is caused by insecure default file ACLs that allow non-administrative users to modify the installed files. This can be exploited to gain escalated privileges by e.g. replacing a program running as a system service with a malicious program.

Solution: The vendor has reportedly acknowledged the security issue and is providing automated fixes. We suggest you increase the update frequency on your McAfee software.

Happy safe computing!

Frederic Martin
www.workingarts.com
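
To check a machine for the condition described in item 2 (service program files that non-administrative users can modify), the PowerShell below lists every Windows service whose binary or install directory grants write-type rights to a low-privilege group. It is an added example, not code from the advisory or the vendor; the function names and the choice of SIDs treated as non-administrative are assumptions.

```powershell
# Added example (not vendor code): flag service binaries that non-admin principals can modify.
# Assumption: these well-known SIDs stand for "non-administrative users".
$lowPrivSids = @(
    'S-1-1-0',       # Everyone
    'S-1-5-11',      # Authenticated Users
    'S-1-5-32-545',  # BUILTIN\Users
    'S-1-5-4'        # INTERACTIVE
)
# Rights that permit altering or replacing a file, plus the raw GENERIC_WRITE (0x40000000)
# and GENERIC_ALL (0x10000000) bits that can appear on inherit-only ACEs.
$rights = [System.Security.AccessControl.FileSystemRights]'WriteData, AppendData, Delete, DeleteSubdirectoriesAndFiles, ChangePermissions, TakeOwnership'
$writeMask = [int]$rights -bor 0x50000000

function Get-ServiceBinaryPath {
    param([string]$PathName)
    # PathName may be quoted and may carry arguments: "C:\dir\svc.exe" -k arg
    if ($PathName -match '^\s*"([^"]+)"') { return $Matches[1] }
    if ($PathName -match '^\s*(.+?\.exe)(\s|$)') { return $Matches[1] }
    return $null
}

function Get-WeakAce {
    param([string]$Path)
    $acl = Get-Acl -LiteralPath $Path
    # Ask for SIDs rather than names so the comparison is locale-independent.
    $rules = $acl.GetAccessRules($true, $true, [System.Security.Principal.SecurityIdentifier])
    foreach ($ace in $rules) {
        if ($ace.AccessControlType -ne 'Allow') { continue }
        if ($lowPrivSids -notcontains $ace.IdentityReference.Value) { continue }
        if (([int]$ace.FileSystemRights -band $writeMask) -ne 0) {
            [pscustomobject]@{ Path = $Path; Sid = $ace.IdentityReference.Value; Rights = $ace.FileSystemRights }
        }
    }
}

foreach ($svc in Get-CimInstance -ClassName Win32_Service) {
    $bin = Get-ServiceBinaryPath $svc.PathName
    if (-not $bin -or -not (Test-Path -LiteralPath $bin)) { continue }
    # Check the binary itself and the directory it is installed in.
    foreach ($target in $bin, (Split-Path -Parent $bin)) {
        Get-WeakAce $target | ForEach-Object {
            [pscustomobject]@{ Service = $svc.Name; RunsAs = $svc.StartName
                               Path = $_.Path; Sid = $_.Sid; Rights = $_.Rights }
        }
    }
}
```

An empty result means none of the listed groups hold write-type rights on any service binary or its folder; any row returned names the service, the account it runs as, and the ACE to tighten.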