CVE-2007-4904

Description

RealNetworks RealPlayer 10.1.0.3114 and earlier, and Helix Player 1.0.6.778 on Fedora Core 6 (FC6) and possibly other platforms, allow user-assisted remote attackers to cause a denial of service (application crash) via a malformed .au file that triggers a divide-by-zero error.

Affected products

• RealNetworks / helix_player1.0.6 – 1.0.6
• RealNetworks / realplayer10.0.8 – 10.0.8
• RealNetworks / realplayer10.0.9 – 10.0.9
• RealNetworks / realplayer10.1 – 10.1
• RealNetworks / realplayer10.5-gold – 10.5-gold

References

• MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/36545
• MISChttp://www.securityfocus.com/archive/1/479081/100/0/threaded
• MISChttp://www.securityfocus.com/bid/25627
• MISChttp://archives.neohapsis.com/archives/fulldisclosure/2007-09/0154.html
• MISChttp://osvdb.org/39904