Multiple buffer overflow vulnerabilities in RealNetworks products could allow a remote attacker to execute arbitrary code, warned U.S. Computer Emergency Readiness Team (US-CERT). "These vulnerabilities can be exploited by convincing a user to access a web page that references a specially crafted Flash (SWF) file,access a web page that references a specially crafted mimio boardcast (MBC) file and access a RealMedia file embedded in web page hosted on a malicious server", reads the security release posted on Wednesday.

To diminish the security risks, US-CERT recommends to apply the patches that RealNetworks released in last moth's security update. Also, users are suggested to disable RealPlayer AcitveX control in Internet Explorer and RealPlayer Plugin in other browsers. Finally, Us-CERT resommends not to visit untrusted web sites and not to follow supsicious links.