N/A

An ActiveX control in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.4, and RealPlayer Enterprise 2.1.2 does not properly initialize an unspecified object component during parsing of a CDDA URI, which allows remote attackers to execute arbitrary code or cause a denial of service (uninitialized pointer dereference and application crash) via a long URI.

N/A

N/A

RealNetworks RealPlayer ActiveX控件初始化错误漏洞

RealNetworks RealPlayer，RealPlayer SP，RealPlayer Enterprise都是非常流行的媒体播放器，支持多种媒体格式。 RealNetworks RealPlayer 11.0至11.1版本，RealPlayer SP 1.0至1.1.4版本以及RealPlayer Enterprise 2.1.2版本中的ActiveX控件在解析超长的CDDA URI时没有初始化对象的特殊组件，而播放器之后调用对象中的方式，远程攻击者可以借助超长URI执行任意代码或者导致拒绝服

N/A

N/A