CVE-2012-0922

RealNetworks RealPlayer <15.02.71 - RCE

Title source: llm
STIX 2.1

Description

rvrender.dll in RealNetworks RealPlayer 11.x, 14.x, and 15.x before 15.02.71, and RealPlayer SP 1.0 through 1.1.5, allows remote attackers to execute arbitrary code via crafted flags in an RMFF file.

References (5)

Core 5
Core References
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/47896
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/73018
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://osvdb.org/78911
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/51883

Scores

EPSS 0.0289
EPSS Percentile 86.5%

Details

CWE
CWE-94
Status published
Products (33)
realnetworks/realplayer 14.0.0
realnetworks/realplayer 14.0.1
realnetworks/realplayer 14.0.1.609
realnetworks/realplayer 14.0.1.633
realnetworks/realplayer 14.0.2
realnetworks/realplayer 14.0.3
realnetworks/realplayer 14.0.4
realnetworks/realplayer 14.0.5
realnetworks/realplayer 14.0.6
realnetworks/realplayer 14.0.7
... and 23 more
Published Feb 08, 2012
Tracked Since Feb 18, 2026