Description
RealNetworks RealPlayer before 15.0.4.53, and RealPlayer SP 1.0 through 1.1.5, does not properly parse ASMRuleBook data in RealMedia files, which allows remote attackers to execute arbitrary code via a crafted file.
References (5)
Core 5
Core References
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/49193
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id?1027076
Vendor Advisory x_refsource_confirm
http://service.real.com/realplayer/security/05152012_player/en/
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/75647
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://osvdb.org/81943
Scores
EPSS
0.0354
EPSS Percentile
87.8%
Details
Status
published
Products (41)
realnetworks/realplayer
4
realnetworks/realplayer
5
realnetworks/realplayer
6
realnetworks/realplayer
7
realnetworks/realplayer
8
realnetworks/realplayer
10.0
realnetworks/realplayer
10.5
realnetworks/realplayer
11.0
realnetworks/realplayer
11.0.1
realnetworks/realplayer
11.0.2
... and 31 more
Published
May 18, 2012
Tracked Since
Feb 18, 2026