A denial of service flaw exists in RealPlayer and HelixPlayer when a user tries to open a malformed .au file. The flaw is due to a Division by Zero error when processing a malformed AU file. An attacker must entice an unsuspecting user to open a maliciously crafted AU file. Realplayer versions 10.1.0.3114 and below and Helixplayer version 1.0.6.778 are affected. Proof of concept included.
28be1324049b26d3f596b6ba348ac009e99f312a5179e495cba05ab6a4852baa
The Ripe Website Manager versions 0.8.9 and below suffer from cross site scripting and SQL injection vulnerabilities.
95773f2cddbb5b6ee24c32dbaac520a253e14fc033b883d64c6c1bc97af70364