CVE-2007-3410

RealNetworks Helix Player and RealPlayer - Stack-Based Buffer Overflow via SMIL Wallclock Value

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2007-3410. PoCs published by axis.

AI-analyzed exploit summary This exploit leverages a buffer overflow in the handling of SMIL files by targeting the 'begin' attribute with an excessively long wallclock value. It is designed to trigger a denial-of-service (DoS) condition in vulnerable software.

Description

Stack-based buffer overflow in the SmilTimeValue::parseWallClockValue function in smlprstime.cpp in RealNetworks RealPlayer 10, 10.1, and possibly 10.5, RealOne Player, RealPlayer Enterprise, and Helix Player 10.5-GOLD and 10.0.5 through 10.0.8, allows remote attackers to execute arbitrary code via an SMIL (SMIL2) file with a long wallclock value.

Exploits (1)

exploitdb WORKING POC VERIFIED
by axis · htmldoswindows
https://www.exploit-db.com/exploits/4118

This exploit leverages a buffer overflow in the handling of SMIL files by targeting the 'begin' attribute with an excessively long wallclock value. It is designed to trigger a denial-of-service (DoS) condition in vulnerable software.

Classification
Working Poc 90%
Attack Type
Dos
Complexity
Trivial
Reliability
Reliable
Target: Microsoft Windows Media Player (versions prior to patch for CVE-2007-3410)
No auth needed
Prerequisites: Vulnerable version of Windows Media Player · Ability to deliver a malicious SMIL file to the target
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (21)

Core 21
Core References
Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10554
Third Party Advisory third-party-advisory x_refsource_idefense
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=547
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/26463
Third Party Advisory vendor-advisory x_refsource_gentoo
http://security.gentoo.org/glsa/glsa-200709-05.xml
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/24658
Third Party Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2007/2339
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/35088
Vendor Advisory vendor-advisory x_refsource_redhat
http://www.redhat.com/support/errata/RHSA-2007-0841.html
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/26828
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://osvdb.org/38342
US Government Resource third-party-advisory x_refsource_cert-vn
http://www.kb.cert.org/vuls/id/770904
Vendor Advisory vendor-advisory x_refsource_redhat
http://www.redhat.com/support/errata/RHSA-2007-0605.html
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/25859
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://osvdb.org/37374
Third Party Advisory mailing-list x_refsource_vim
http://www.attrition.org/pipermail/vim/2007-October/001841.html
Third Party Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2007/3628
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/25819
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://securitytracker.com/id?1018297
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/27361
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://securitytracker.com/id?1018299

Scores

EPSS 0.3607
EPSS Percentile 98.3%

Details

CWE
CWE-119
Status published
Products (10)
realnetworks/helix_player 10.0.5
realnetworks/helix_player 10.0.6
realnetworks/helix_player 10.0.7
realnetworks/helix_player 10.0.8
realnetworks/helix_player 10.5-gold
realnetworks/realone_player
realnetworks/realplayer 10.0
realnetworks/realplayer 10.1
realnetworks/realplayer 10.5
realnetworks/realplayer_enterprise
Published Jun 26, 2007
Tracked Since Feb 18, 2026