Description
The RV10 codec in RealNetworks RealPlayer before 15.0.0 and Mac RealPlayer before 12.0.0.1703 allows remote attackers to execute arbitrary code via a crafted sample height.
References (1)
Core 1
Core References
Vendor Advisory x_refsource_confirm
http://service.real.com/realplayer/security/11182011_player/en/
Scores
EPSS
0.0213
EPSS Percentile
84.4%
Details
CWE
CWE-94
Status
published
Products (37)
realnetworks/realplayer
7.0
realnetworks/realplayer
8.0
realnetworks/realplayer
10.0 (2 CPE variants)
realnetworks/realplayer
10.0.0.305
realnetworks/realplayer
10.0.0.331
realnetworks/realplayer
10.1
realnetworks/realplayer
12.0.0.1569
realnetworks/realplayer
4
realnetworks/realplayer
5
realnetworks/realplayer
6
... and 27 more
Published
Nov 24, 2011
Tracked Since
Feb 18, 2026