CVE-2011-2945
RealPlayer 11.0-11.1 and 14.0.0-14.0.5 and RealPlayer SP 1.0-1.1.5 - Remote Code Execution via Crafted SIPR Stream
Title source: llmDescription
Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through 11.1 and 14.0.0 through 14.0.5 and RealPlayer SP 1.0 through 1.1.5 allows remote attackers to execute arbitrary code via a crafted SIPR stream.
References (2)
Core 2
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id?1025943
Vendor Advisory x_refsource_confirm
http://service.real.com/realplayer/security/08162011_player/en/
Scores
EPSS
0.0550
EPSS Percentile
90.3%
Details
CWE
CWE-119
Status
published
Products (18)
realnetworks/realplayer
11.0
realnetworks/realplayer
11.1
realnetworks/realplayer
14.0.0
realnetworks/realplayer
14.0.1
realnetworks/realplayer
14.0.2
realnetworks/realplayer
14.0.3
realnetworks/realplayer
14.0.4
realnetworks/realplayer
14.0.5
realnetworks/realplayer_sp
1.0.0
realnetworks/realplayer_sp
1.0.1
... and 8 more
Published
Aug 18, 2011
Tracked Since
Feb 18, 2026