CVE Vulnerabilities

CVE-2012-2406

Published: May 18, 2012 | Modified: Aug 29, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
9.3 HIGH
AV:N/AC:M/Au:N/C:C/I:C/A:C
RedHat/V2
RedHat/V3
Ubuntu

RealNetworks RealPlayer before 15.0.4.53, and RealPlayer SP 1.0 through 1.1.5, does not properly parse ASMRuleBook data in RealMedia files, which allows remote attackers to execute arbitrary code via a crafted file.

Affected Software

Name Vendor Start Version End Version
Realplayer Realnetworks 4 4
Realplayer Realnetworks 5 5
Realplayer Realnetworks 6 6
Realplayer Realnetworks 7 7
Realplayer Realnetworks 8 8
Realplayer Realnetworks 10.0 10.0
Realplayer Realnetworks 10.5 10.5
Realplayer Realnetworks 11.0 11.0
Realplayer Realnetworks 11.0.1 11.0.1
Realplayer Realnetworks 11.0.2 11.0.2
Realplayer Realnetworks 11.0.2.1744 11.0.2.1744
Realplayer Realnetworks 11.0.2.2315 11.0.2.2315
Realplayer Realnetworks 11.0.3 11.0.3
Realplayer Realnetworks 11.0.4 11.0.4
Realplayer Realnetworks 11.0.5 11.0.5
Realplayer Realnetworks 11.1 11.1
Realplayer Realnetworks 11.1.3 11.1.3
Realplayer Realnetworks 11_build_6.0.14.748 11_build_6.0.14.748
Realplayer Realnetworks 12.0.0.1444 12.0.0.1444
Realplayer Realnetworks 12.0.0.1548 12.0.0.1548
Realplayer Realnetworks 14.0.0 14.0.0
Realplayer Realnetworks 14.0.1 14.0.1
Realplayer Realnetworks 14.0.1.609 14.0.1.609
Realplayer Realnetworks 14.0.2 14.0.2
Realplayer Realnetworks 14.0.3 14.0.3
Realplayer Realnetworks 14.0.4 14.0.4
Realplayer Realnetworks 14.0.5 14.0.5
Realplayer Realnetworks 15.0.0 15.0.0
Realplayer Realnetworks 15.0.1.13 15.0.1.13
Realplayer Realnetworks * 15.0.4
Realplayer Realnetworks 15.02.71 15.02.71
Realplayer_sp Realnetworks 1.0.0 1.0.0
Realplayer_sp Realnetworks 1.0.1 1.0.1
Realplayer_sp Realnetworks 1.0.2 1.0.2
Realplayer_sp Realnetworks 1.0.5 1.0.5
Realplayer_sp Realnetworks 1.1 1.1
Realplayer_sp Realnetworks 1.1.1 1.1.1
Realplayer_sp Realnetworks 1.1.2 1.1.2
Realplayer_sp Realnetworks 1.1.3 1.1.3
Realplayer_sp Realnetworks 1.1.4 1.1.4
Realplayer_sp Realnetworks 1.1.5 1.1.5

References