vendor:
RealPlayer
by:
shinnai
7.5
CVSS
HIGH
Denial-of-Service
400
CWE
Product Name: RealPlayer
Affected Version From: 10.5
Affected Version To:
Patch Exists: NO
Related CWE:
CPE: a:realnetworks:realplayer:10.5
Platforms Tested: Windows XP Professional SP2
RealPlayer Denial-of-Service Vulnerability
RealPlayer is prone to a remote denial-of-service vulnerability because the application fails to handle specially crafted files. Exploiting this issue allows remote attackers to crash the application, denying further service to legitimate users. Arbitrary code execution might be possible, but this is not confirmed.
Mitigation:
Apply the latest security patches and updates for RealPlayer. Avoid opening files from untrusted sources.