CVE Vulnerabilities

CVE-2012-2406

Published: May 18, 2012 | Modified: Aug 29, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
9.3 HIGH
AV:N/AC:M/Au:N/C:C/I:C/A:C
RedHat/V2
RedHat/V3
Ubuntu

RealNetworks RealPlayer before 15.0.4.53, and RealPlayer SP 1.0 through 1.1.5, does not properly parse ASMRuleBook data in RealMedia files, which allows remote attackers to execute arbitrary code via a crafted file.

Affected Software

Name Vendor Start Version End Version
Realplayer Realnetworks 11.0 11.0
Realplayer_sp Realnetworks 1.0.1 1.0.1
Realplayer_sp Realnetworks 1.1.5 1.1.5
Realplayer_sp Realnetworks 1.1.3 1.1.3
Realplayer_sp Realnetworks 1.0.0 1.0.0
Realplayer Realnetworks 10.0 10.0
Realplayer Realnetworks 11.0.4 11.0.4
Realplayer Realnetworks 15.0.0 15.0.0
Realplayer Realnetworks 4 4
Realplayer Realnetworks * 15.0.4
Realplayer Realnetworks 14.0.3 14.0.3
Realplayer_sp Realnetworks 1.0.2 1.0.2
Realplayer Realnetworks 5 5
Realplayer Realnetworks 14.0.1 14.0.1
Realplayer_sp Realnetworks 1.1 1.1
Realplayer Realnetworks 12.0.0.1444 12.0.0.1444
Realplayer_sp Realnetworks 1.1.2 1.1.2
Realplayer Realnetworks 11.0.2 11.0.2
Realplayer Realnetworks 14.0.4 14.0.4
Realplayer Realnetworks 11.0.3 11.0.3
Realplayer Realnetworks 11.0.2.2315 11.0.2.2315
Realplayer Realnetworks 11.0.5 11.0.5
Realplayer_sp Realnetworks 1.1.4 1.1.4
Realplayer Realnetworks 8 8
Realplayer Realnetworks 11.0.2.1744 11.0.2.1744
Realplayer Realnetworks 7 7
Realplayer Realnetworks 12.0.0.1548 12.0.0.1548
Realplayer Realnetworks 11.1.3 11.1.3
Realplayer Realnetworks 10.5 10.5
Realplayer Realnetworks 6 6
Realplayer Realnetworks 11.1 11.1
Realplayer Realnetworks 11.0.1 11.0.1
Realplayer Realnetworks 11_build_6.0.14.748 11_build_6.0.14.748
Realplayer Realnetworks 14.0.2 14.0.2
Realplayer Realnetworks 15.0.1.13 15.0.1.13
Realplayer Realnetworks 14.0.1.609 14.0.1.609
Realplayer_sp Realnetworks 1.1.1 1.1.1
Realplayer Realnetworks 14.0.5 14.0.5
Realplayer_sp Realnetworks 1.0.5 1.0.5
Realplayer Realnetworks 15.02.71 15.02.71
Realplayer Realnetworks 14.0.0 14.0.0

References