In Wednesday, security company Secunia disclosed a new security vulnerability in Real player and IE in which hackers could use RealMedia (. rm) files to open local files on browsers with RealPlayer installed.
This vulnerability exists in the RealPlayer of version number 10.5 (build 6.0.12.1056), which contains the plus and basic versions, for Windows, Mac os X, Linux, Unix, Palm OS, and Symbian OS. However, the past version also does not rule out the possibility of being infected. Secunia points out that a malicious user can create a Web site that can load local machine HTML documents through a special RealMedia file. If the user uses IE with RealPlayer, the hacker can also force the local file to open automatically.
Secunia recommends that the broad RealPlayer users avoid opening RealMedia (. rm) files from untrusted sites and shielding browsers from automatically opening these files.