CVE-2011-2955
RealPlayer 11.0-11.1, 14.0.0-14.0.5, SP 1.0-1.1.5, Enterprise 2.0-2.1.5 - Use-After-Free via Modal Dialog
Title source: llmDescription
Use-after-free vulnerability in RealNetworks RealPlayer 11.0 through 11.1 and 14.0.0 through 14.0.5, RealPlayer SP 1.0 through 1.1.5, and RealPlayer Enterprise 2.0 through 2.1.5, when an Embedded RealPlayer is used, allows remote attackers to execute arbitrary code via vectors related to a modal dialog.
References (2)
Core 2
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id?1025943
Vendor Advisory x_refsource_confirm
http://service.real.com/realplayer/security/08162011_player/en/
Scores
EPSS
0.0165
EPSS Percentile
82.3%
Details
CWE
CWE-399
Status
published
Products (24)
realnetworks/realplayer
11.0
realnetworks/realplayer
11.1
realnetworks/realplayer
14.0.0
realnetworks/realplayer
14.0.1
realnetworks/realplayer
14.0.2
realnetworks/realplayer
14.0.3
realnetworks/realplayer
14.0.4
realnetworks/realplayer
14.0.5
realnetworks/realplayer
2.0
realnetworks/realplayer
2.1
... and 14 more
Published
Aug 18, 2011
Tracked Since
Feb 18, 2026