Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-0928

Overview

Vulnerability Score 9.3 9.3
CVE Id CVE-2012-0928
Last Modified 09 Feb 2012 12:00:00
Published 08 Feb 2012 10:55:01
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2012-0928

Summary

The ATRAC codec in RealNetworks RealPlayer 11.x and 14.x through 14.0.7, RealPlayer SP 1.0 through 1.1.5, and Mac RealPlayer 12.x before 12.0.0.1703 does not properly decode samples, which allows remote attackers to execute arbitrary code via a crafted ATRAC audio file.

Vulnerable Systems

Application

  • Realnetworks Realplayer 11 Build 6.0.14.748

  • Realnetworks Realplayer 11.0

  • Realnetworks Realplayer 11.0.1

  • Realnetworks Realplayer 11.0.2

  • Realnetworks Realplayer 11.0.2.1744

  • Realnetworks Realplayer 11.0.2.2315

  • Realnetworks Realplayer 11.0.3

  • Realnetworks Realplayer 11.0.4

  • Realnetworks Realplayer 11.0.5

  • Realnetworks Realplayer 11.1

  • Realnetworks Realplayer 11.1.3

  • Realnetworks Realplayer 12.0.0.1569

  • Realnetworks Realplayer 12.0.0.1701

  • Realnetworks Realplayer 14.0.0

  • Realnetworks Realplayer 14.0.1

  • Realnetworks Realplayer 14.0.1.609

  • Realnetworks Realplayer 14.0.1.633

  • Realnetworks Realplayer 14.0.2

  • Realnetworks Realplayer 14.0.3

  • Realnetworks Realplayer 14.0.4

  • Realnetworks Realplayer 14.0.5

  • Realnetworks Realplayer 14.0.6

  • Realnetworks Realplayer 14.0.7

  • Realnetworks Realplayer Sp 1.0.0

  • Realnetworks Realplayer Sp 1.0.1

  • Realnetworks Realplayer Sp 1.0.2

  • Realnetworks Realplayer Sp 1.0.5

  • Realnetworks Realplayer Sp 1.1

  • Realnetworks Realplayer Sp 1.1.1

  • Realnetworks Realplayer Sp 1.1.2

  • Realnetworks Realplayer Sp 1.1.3

  • Realnetworks Realplayer Sp 1.1.4

  • Realnetworks Realplayer Sp 1.1.5


References

CONFIRM - http://service.real.com/realplayer/security/02062012_player/en/

Related Patches

RealPlayer (English) 15 (15.0.2.72) for Windows (Update)


Last Updated: 27 May 2016 10:58:12