CVE-2014-3444

Realnetworks Realplayer < 16.0.3.51 - Code Injection

Title source: rule

Description

The GetGUID function in codecs/dmp4.dll in RealNetworks RealPlayer 16.0.3.51 and earlier allows remote attackers to execute arbitrary code or cause a denial of service (write access violation and application crash) via a malformed .3gp file.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Aryan Bayaninejad · pythondosmultiple

https://www.exploit-db.com/exploits/39182

View Code ZIP pw:eip

References (1)

[Exploit] http://packetstormsecurity.com/files/126637

Scores

EPSS 0.2763

EPSS Percentile 96.4%

Classification

CWE

CWE-94

Status draft

Affected Products (5)

realnetworks/realplayer < 16.0.3.51

realnetworks/realplayer

Timeline

Published May 20, 2014

Tracked Since Feb 18, 2026