Description
The RV30 codec in RealNetworks RealPlayer before 15.0.0 and Mac RealPlayer before 12.0.0.1703 does not initialize an unspecified index value, which allows remote attackers to execute arbitrary code via unknown vectors.
References (1)
Core 1
Core References
Vendor Advisory x_refsource_confirm
http://service.real.com/realplayer/security/11182011_player/en/
Scores
EPSS
0.0497
EPSS Percentile
89.8%
Details
CWE
CWE-94
Status
published
Products (37)
realnetworks/realplayer
7.0
realnetworks/realplayer
8.0
realnetworks/realplayer
10.0 (2 CPE variants)
realnetworks/realplayer
10.0.0.305
realnetworks/realplayer
10.0.0.331
realnetworks/realplayer
10.1
realnetworks/realplayer
12.0.0.1569
realnetworks/realplayer
4
realnetworks/realplayer
5
realnetworks/realplayer
6
... and 27 more
Published
Nov 24, 2011
Tracked Since
Feb 18, 2026