CVE-2007-4904

Name of the Vulnerable Software and Affected Versions: RealPlayer version 10.1.0.3114 and earlier Helix Player version 1.0.6.778

Description: The issue allows user-assisted remote attackers to cause a denial of service, resulting in an application crash. This is achieved by providing a malformed .au file that triggers a divide-by-zero error.

Recommendations: For RealPlayer version 10.1.0.3114 and earlier, avoid opening malformed .au files to prevent the application crash. For Helix Player version 1.0.6.778, refrain from processing untrusted .au files until a fix is available. As a temporary workaround, consider disabling the processing of .au files in both RealPlayer and Helix Player until the issue is resolved.