Red Hat has issued an updated HelixPlayer package that fixes a buffer overflow in the media player.
The buffer overflow bug was found in the way HelixPlayer processes SMIL files. An attacker could create a specially crafted SMIL file which, when combined with a malicious web server, could execute arbitrary code when the file is opened by a user.
All users of HelixPlayer are advised to upgrade to this updated package, which contains HelixPlayer version 10.0.5 and is not vulnerable to this issue.
More information can be found at http://rhn.redhat.com/errata/RHSA-2005-517.html