RealPlayer CDDA URI Initialization Failure

Strike ID:
E10-5w301
CVSS:
9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C)
False Positive:
f
Variants:
1
Year:
2010

Description

This strike exploits an initialization vulnerability within RealNetworks RealPlayer. An overly long string that is passed to the CDDA URI causes an initialization failure, and because this isn't handeled properly uninitialized memory is accessed.

CVE

Bid