CVE-2013-3299

RealNetworks RealPlayer <16.0.2.32 - DoS

Title source: llm

Description

RealNetworks RealPlayer 16.0.2.32 and earlier allows remote attackers to cause a denial of service (resource consumption or application crash) via an HTML document containing JavaScript code that constructs a long string.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Akshaysinh Vaghela · htmldosmultiple

https://www.exploit-db.com/exploits/38623

View Code ZIP pw:eip

References (1)

[Mailing List] http://seclists.org/bugtraq/2013/Jul/18

Scores

EPSS 0.1171

EPSS Percentile 93.7%

Details

CWE

CWE-20

Status published

Products (39)

realnetworks/realplayer 4

realnetworks/realplayer 5

realnetworks/realplayer 6

realnetworks/realplayer 7

realnetworks/realplayer 8

realnetworks/realplayer 10.0

realnetworks/realplayer 10.5

realnetworks/realplayer 11.0

realnetworks/realplayer 11.0.1

realnetworks/realplayer 11.0.2

... and 29 more

Published Jul 06, 2013

Tracked Since Feb 18, 2026