Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-1904

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2012-1904
Last Modified 24 Aug 2012 11:26:22
Published 28 Mar 2012 06:55:00
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2012-1904

Summary

mp4fformat.dll in the QuickTime File Format plugin in RealNetworks RealPlayer 15 and earlier, and RealPlayer SP 1.1.4 Build 12.0.0.756 and earlier, allows remote attackers to cause a denial of service (memory corruption and application crash) via a crafted MP4 file.

Vulnerable Systems

Application

  • Realnetworks Realplayer 10.0

  • Realnetworks Realplayer 10.5

  • Realnetworks Realplayer 11 Build 6.0.14.748

  • Realnetworks Realplayer 11.0

  • Realnetworks Realplayer 11.0.1

  • Realnetworks Realplayer 11.0.2

  • Realnetworks Realplayer 11.0.2.1744

  • Realnetworks Realplayer 11.0.2.2315

  • Realnetworks Realplayer 11.0.3

  • Realnetworks Realplayer 11.0.4

  • Realnetworks Realplayer 11.0.5

  • Realnetworks Realplayer 11.1

  • Realnetworks Realplayer 11.1.3

  • Realnetworks Realplayer 12.0.0.1444

  • Realnetworks Realplayer 12.0.0.1548

  • Realnetworks Realplayer 14.0.0

  • Realnetworks Realplayer 14.0.1

  • Realnetworks Realplayer 14.0.1.609

  • Realnetworks Realplayer 14.0.2

  • Realnetworks Realplayer 14.0.3

  • Realnetworks Realplayer 14.0.4

  • Realnetworks Realplayer 14.0.5

  • Realnetworks Realplayer 15.0.0

  • Realnetworks Realplayer 2.1.2

  • Realnetworks Realplayer 2.1.3

  • Realnetworks Realplayer 2.1.4

  • Realnetworks Realplayer 4

  • Realnetworks Realplayer 5

  • Realnetworks Realplayer 6

  • Realnetworks Realplayer 7

  • Realnetworks Realplayer 8

  • Realnetworks Realplayer Sp 1.0.0

  • Realnetworks Realplayer Sp 1.0.1

  • Realnetworks Realplayer Sp 1.0.2

  • Realnetworks Realplayer Sp 1.0.5

  • Realnetworks Realplayer Sp 1.1

  • Realnetworks Realplayer Sp 1.1.1

  • Realnetworks Realplayer Sp 1.1.2

  • Realnetworks Realplayer Sp 1.1.3

  • Realnetworks Realplayer Sp 1.1.4


References

MISC - http://packetstormsecurity.org/files/111162/RealPlayer-1.1.4-Memory-Corruption.html

SECTRACK - 1027076

SECUNIA - 49193

Related Patches

RealPlayer (English) 15 (15.0.5.109) for Windows (Update) (See Notes)


Last Updated: 27 May 2016 11:00:18