CVE-2012-5690

RealNetworks RealPlayer <16.0.0.282-1.1.5 - RCE

Title source: llm

Description

RealNetworks RealPlayer before 16.0.0.282 and RealPlayer SP 1.0 through 1.1.5 allow remote attackers to execute arbitrary code via a RealAudio file that triggers access to an invalid pointer.

References (1)

[Vendor Advisory] http://service.real.com/realplayer/security/12142012_player/en/

Scores

EPSS 0.0338

EPSS Percentile 87.2%

Classification

CWE

CWE-94

Status draft

Affected Products (44)

realnetworks/realplayer < 16.0.0

realnetworks/realplayer

realnetworks/realplayer

realnetworks/realplayer

realnetworks/realplayer

realnetworks/realplayer

realnetworks/realplayer

realnetworks/realplayer

realnetworks/realplayer

realnetworks/realplayer

realnetworks/realplayer

realnetworks/realplayer

realnetworks/realplayer

realnetworks/realplayer

realnetworks/realplayer

... and 29 more

Timeline

Published Dec 19, 2012

Tracked Since Feb 18, 2026