Added: 06/29/2007
CVE: CVE-2007-3410
BID: 24658
OSVDB: 37374
RealPlayer includes support for Synchronized Multimedia Integration Language (SMIL) files.
A buffer overflow vulnerability in the wallclock function could allow command execution upon opening a specially crafted SMIL file.
Update to a fixed version of RealPlayer by selecting Check for Update under the Help menu in RealPlayer.
<http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=547>
Exploit works on RealPlayer 10.5 Gold and requires a user to open the exploit file in Internet Explorer 6 or 7.
Windows