RealPlayer/HelixPlayer AU Divide-By-Zero Denial of Service Vulnerability

Bugtraq ID:	25627
Class:	Failure to Handle Exceptional Conditions
CVE:	CVE-2007-3410 CVE-2007-4904 CVE-2007-6235
Remote:	Yes
Local:	No
Published:	Sep 11 2007 12:00AM
Updated:	Jul 06 2016 02:17PM
Credit:	Nagendra Kumar G, Chandan S and Arun Kethipelly of OS2A discovered this issue.
Vulnerable:	Real Networks RealPlayer 10 for Linux 10.1 .3114 Real Networks RealPlayer 10 for Linux 10.0.9 Real Networks RealPlayer 10 for Linux 10.0.8 Real Networks RealPlayer 10.5-GOLD Real Networks Helix Player for Linux 1.0.6
Not Vulnerable:

RealPlayer/HelixPlayer AU Divide-By-Zero Denial of Service Vulnerability

RealPlayer and Helix Player are prone to a denial-of-service vulnerability when handling malformed AU media files.

Successfully exploiting this issue allows remote attackers to deny service to legitimate users.

RealPlayer/HelixPlayer AU Divide-By-Zero Denial of Service Vulnerability

The following proof-of-concept code is available:

• /data/vulnerabilities/exploits/real_dos.py

RealPlayer/HelixPlayer AU Divide-By-Zero Denial of Service Vulnerability

Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].

RealPlayer/HelixPlayer AU Divide-By-Zero Denial of Service Vulnerability

References:

• OS2A ID: OS2A_1010 - RealPlayer/HelixPlayer .au Divide-By-Zero Denial of Service (OS2A)
  
• RealPlayer Homepage (Real Networks)
  
• Realplayer 11 DOS attack when processing a malformed AU file on MS Vista and XP ([email protected])
  
• RealPlayer/HelixPlayer .au Divide-By-Zero Denial of Service Vulnerability (OS2A BTO )