CVE Vulnerabilities

CVE-2007-4904

Published: Sep 17, 2007 | Modified: Oct 15, 2018
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
4.3 MEDIUM
AV:N/AC:M/Au:N/C:N/I:N/A:P
RedHat/V2
RedHat/V3
Ubuntu
LOW

RealNetworks RealPlayer 10.1.0.3114 and earlier, and Helix Player 1.0.6.778 on Fedora Core 6 (FC6) and possibly other platforms, allow user-assisted remote attackers to cause a denial of service (application crash) via a malformed .au file that triggers a divide-by-zero error.

Affected Software

Name Vendor Start Version End Version
Helix_player Realnetworks 1.0.6 (including) 1.0.6 (including)
Realplayer Realnetworks 10.0.8 (including) 10.0.8 (including)
Realplayer Realnetworks 10.0.9 (including) 10.0.9 (including)
Realplayer Realnetworks 10.1 (including) 10.1 (including)
Realplayer Realnetworks 10.5-gold (including) 10.5-gold (including)
Helix-player Ubuntu dapper *
Helix-player Ubuntu edgy *
Helix-player Ubuntu feisty *
Helix-player Ubuntu gutsy *
Helix-player Ubuntu hardy *
Helix-player Ubuntu intrepid *
Helix-player Ubuntu jaunty *
Helix-player Ubuntu karmic *

References