Realplayer has issued a critical patch for a couple vulnerabilities
Incidents.org is reporting that realplayer has issued a patch in response to two vulnerabilities discovered by eEye. The first involves a skin file which could be loaded through the browser without permission and the second, a specially made .rm file which could allow code execution.
Update 11/11 – The security fix has further coverage