Description
RealNetworks RealPlayer before 15.0.0 allows remote attackers to execute arbitrary code via a crafted length of an MLTI chunk in an IVR file.
References (1)
Core 1
Core References
Vendor Advisory x_refsource_confirm
http://service.real.com/realplayer/security/11182011_player/en/
Scores
EPSS
0.0213
EPSS Percentile
84.4%
Details
CWE
CWE-94
Status
published
Products (30)
realnetworks/realplayer
4
realnetworks/realplayer
5
realnetworks/realplayer
6
realnetworks/realplayer
7
realnetworks/realplayer
8
realnetworks/realplayer
10.0
realnetworks/realplayer
10.5
realnetworks/realplayer
11.0
realnetworks/realplayer
11.0.1
realnetworks/realplayer
11.0.2
... and 20 more
Published
Nov 24, 2011
Tracked Since
Feb 18, 2026