RealNetwork RealPlayer RA File Handling Remote Denial of Service Vulnerability
BID:23712
Info
RealNetwork RealPlayer RA File Handling Remote Denial of Service Vulnerability
| Bugtraq ID: | 23712 |
| Class: | Failure to Handle Exceptional Conditions |
| CVE: |
CVE-2007-2497 |
| Remote: | Yes |
| Local: | No |
| Published: | Apr 30 2007 12:00AM |
| Updated: | May 07 2015 05:39PM |
| Credit: | n00b is credited with the discovery of this vulnerability. |
| Vulnerable: |
Real Networks RealPlayer Gold 10.0 |
| Not Vulnerable: | |
Discussion
RealNetwork RealPlayer RA File Handling Remote Denial of Service Vulnerability
RealNetworks RealPlayer is prone to a remote denial-of-service vulnerability because the application fails to handle specially crafted files.
An attacker may exploit this issue by enticing victims into opening a maliciously crafted file.
Exploiting this issue allows remote attackers to crash the application, denying further service to legitimate users.
RealPlayer 10 Gold is vulnerable to this issue; other versions may also be affected.
RealNetworks RealPlayer is prone to a remote denial-of-service vulnerability because the application fails to handle specially crafted files.
An attacker may exploit this issue by enticing victims into opening a maliciously crafted file.
Exploiting this issue allows remote attackers to crash the application, denying further service to legitimate users.
RealPlayer 10 Gold is vulnerable to this issue; other versions may also be affected.
Exploit / POC
RealNetwork RealPlayer RA File Handling Remote Denial of Service Vulnerability
An attacker can exploit this issue by enticing an unsuspecting victim to open a malicious '.ra' file using the affected application.
The following exploit is available:
An attacker can exploit this issue by enticing an unsuspecting victim to open a malicious '.ra' file using the affected application.
The following exploit is available:
Solution / Fix
RealNetwork RealPlayer RA File Handling Remote Denial of Service Vulnerability
Solution:
Currently we are not aware of any solutions for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Solution:
Currently we are not aware of any solutions for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
References
RealNetwork RealPlayer RA File Handling Remote Denial of Service Vulnerability
References:
References:
- RealPlayer Homepage (Real Networks)