RealNetworks RealPlayer ActiveX Control Remote Denial of Service Vulnerability
BID:21689
Info
RealNetworks RealPlayer ActiveX Control Remote Denial of Service Vulnerability
| Bugtraq ID: | 21689 |
| Class: | Failure to Handle Exceptional Conditions |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Dec 20 2006 12:00AM |
| Updated: | Dec 22 2006 12:02AM |
| Credit: | shinnai <[email protected]> discovered this vulnerability. |
| Vulnerable: |
RealNetworks RealPlayer 10.5 v6.0.12.1483 RealNetworks RealPlayer 10.5 v6.0.12.1348 RealNetworks RealPlayer 10.5 v6.0.12.1235 RealNetworks RealPlayer 10.5 v6.0.12.1069 RealNetworks RealPlayer 10.5 v6.0.12.1059 RealNetworks RealPlayer 10.5 v6.0.12.1056 RealNetworks RealPlayer 10.5 v6.0.12.1053 RealNetworks RealPlayer 10.5 v6.0.12.1040 RealNetworks RealPlayer 10.5 Beta v6.0.12.1016 RealNetworks RealPlayer 10.5 |
| Not Vulnerable: | |
Discussion
RealNetworks RealPlayer ActiveX Control Remote Denial of Service Vulnerability
RealNetworks RealPlayer is prone to a denial-of-service vulnerability.
An attacker can exploit this issue to trigger denial-of-service conditions in Internet Explorer or other applications that use the vulnerable ActiveX control.
RealPlayer version 10.5 is vulnerable to this issue; other versions may also be affected.
RealNetworks RealPlayer is prone to a denial-of-service vulnerability.
An attacker can exploit this issue to trigger denial-of-service conditions in Internet Explorer or other applications that use the vulnerable ActiveX control.
RealPlayer version 10.5 is vulnerable to this issue; other versions may also be affected.
Exploit / POC
RealNetworks RealPlayer ActiveX Control Remote Denial of Service Vulnerability
An example exploit has been provided:
An example exploit has been provided:
Solution / Fix
RealNetworks RealPlayer ActiveX Control Remote Denial of Service Vulnerability
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected]:[email protected].
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected]:[email protected].
References
RealNetworks RealPlayer ActiveX Control Remote Denial of Service Vulnerability
References:
References:
- RealPlayer Homepage (Real Networks)