KLA10895
Denial of service vulnerability in RealNetworks RealPlayer
Updated: 06/01/2019
Detect date
?
10/28/2016
Severity
?
Warning
Description

An improper data handling was found in RealNetworks RealPlayer. By exploiting this vulnerability malicious users can cause denial of service. This vulnerability can be exploited remotely via a specially designed .QCP file.

NB: This vulnerability have no public CVSS rating so rating can be changed by the time.


Technical details

This vulnerability related to qcpfformat.dll and can be triggered via repeating VRAT chunk.

Affected products

RealNetworks RealPlayer 18.1.5.705

Solution

Avoid opening .QCP files from untrusted sources.

Impacts
?
DoS 
[?]
Related products
RealTimes
CVE-IDS
?
CVE-2016-90184.3Warning