Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-6235

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2007-6235
Last Modified 05 Sep 2008 05:32:44
Published 04 Dec 2007 01:46:00
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2007-6235

Summary

A certain ActiveX control in RealNetworks RealPlayer 11 allows remote attackers to cause a denial of service (application crash) via a malformed .au file that triggers a divide-by-zero error. NOTE: this might be related to CVE-2007-4904.

Vulnerable Systems

Application

  • Realnetworks Realplayer 11


References

BUGTRAQ - 20071201 Realplayer 11 DOS attack when processing a malformed AU file on MS Vista and XP

MISC - http://www.safehack.com/Advisory/realpdos_au.txt

MILW0RM - 4683


Last Updated: 27 May 2016 10:46:25