CVE-2012-0924

RealNetworks RealPlayer <15.02.71 - RCE

Title source: llm

Description

RealNetworks RealPlayer 11.x, 14.x, and 15.x before 15.02.71, and RealPlayer SP 1.0 through 1.1.5, allows remote attackers to execute arbitrary code via vectors involving a VIDOBJ_START_CODE code in a header within a video stream.

References (2)

Core 2

Core References

Third Party Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/47896

Vendor Advisory x_refsource_confirm

http://service.real.com/realplayer/security/02062012_player/en/

Scores

EPSS 0.0214

EPSS Percentile 84.4%

Details

CWE

CWE-94

Status published

Products (33)

realnetworks/realplayer 14.0.0

realnetworks/realplayer 14.0.1

realnetworks/realplayer 14.0.1.609

realnetworks/realplayer 14.0.1.633

realnetworks/realplayer 14.0.2

realnetworks/realplayer 14.0.3

realnetworks/realplayer 14.0.4

realnetworks/realplayer 14.0.5

realnetworks/realplayer 14.0.6

realnetworks/realplayer 14.0.7

... and 23 more

Published Feb 08, 2012

Tracked Since Feb 18, 2026