Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-0926

Overview

Vulnerability Score 9.3 9.3
CVE Id CVE-2012-0926
Last Modified 24 Feb 2012 11:21:16
Published 08 Feb 2012 10:55:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2012-0926

Summary

The RV10 codec in RealNetworks RealPlayer 11.x, 14.x, and 15.x before 15.02.71, and RealPlayer SP 1.0 through 1.1.5, does not properly handle height and width values, which allows remote attackers to execute arbitrary code via a crafted RV10 RealVideo video stream.

Vulnerable Systems

Application

  • Realnetworks Realplayer 11 Build 6.0.14.748

  • Realnetworks Realplayer 11.0

  • Realnetworks Realplayer 11.0.1

  • Realnetworks Realplayer 11.0.2

  • Realnetworks Realplayer 11.0.2.1744

  • Realnetworks Realplayer 11.0.2.2315

  • Realnetworks Realplayer 11.0.3

  • Realnetworks Realplayer 11.0.4

  • Realnetworks Realplayer 11.0.5

  • Realnetworks Realplayer 11.1

  • Realnetworks Realplayer 11.1.3

  • Realnetworks Realplayer 14.0.0

  • Realnetworks Realplayer 14.0.1

  • Realnetworks Realplayer 14.0.1.609

  • Realnetworks Realplayer 14.0.1.633

  • Realnetworks Realplayer 14.0.2

  • Realnetworks Realplayer 14.0.3

  • Realnetworks Realplayer 14.0.4

  • Realnetworks Realplayer 14.0.5

  • Realnetworks Realplayer 14.0.6

  • Realnetworks Realplayer 14.0.7

  • Realnetworks Realplayer 15.0.0

  • Realnetworks Realplayer 15.0.1.13

  • Realnetworks Realplayer Sp 1.0.0

  • Realnetworks Realplayer Sp 1.0.1

  • Realnetworks Realplayer Sp 1.0.2

  • Realnetworks Realplayer Sp 1.0.5

  • Realnetworks Realplayer Sp 1.1

  • Realnetworks Realplayer Sp 1.1.1

  • Realnetworks Realplayer Sp 1.1.2

  • Realnetworks Realplayer Sp 1.1.3

  • Realnetworks Realplayer Sp 1.1.4

  • Realnetworks Realplayer Sp 1.1.5


References

CONFIRM - http://service.real.com/realplayer/security/02062012_player/en/

SECUNIA - 47896

Related Patches

RealPlayer (English) 15 (15.0.2.72) for Windows (Update)


Last Updated: 27 May 2016 10:58:12