Free and open-source vulnerability scanner
Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.
Install NowAvailable for macOS, Windows, and Linux
RealNetworks RealPlayer Multiple Vulnerabilities (Windows) - Feb12
Information
Severity
Severity
Family
Family
CVSSv2 Base
CVSSv2 Base
CVSSv2 Vector
CVSSv2 Vector
Solution Type
Solution Type
Created
Created
Modified
Modified
Summary
This host is installed with RealPlayer which is prone to multiple vulnerabilities
Insight
Insight
The flaws are due to - An unspecified error in rvrender.dll, which allows to execute arbitrary code via a crafted flags in an RMFF file. - Improper handling of the frame size array by the RV20 codec, which allows to execute arbitrary code via a crafted RV20 RealVideo video stream. - Unspecified errors when processing VIDOBJ_START_CODE segments and coded_frame_size value in RealAudio audio stream. - An unspecified error in the RV40 and RV10 codec, which allows to execute arbitrary code via a crafted RV40 or RV10 RealVideo video stream.
Affected Software
Affected Software
RealPlayer versions 11.x and 14.x RealPlayer versions 15.x before 15.02.71 RealPlayer SP versions 1.0 through 1.1.5 (12.0.0.879)
Solution
Solution
Upgrade to RealPlayer version 15.02.71 or later.