RealNetworks RealPlayer 11.x, 14.x, and 15.x before 15.02.71, and RealPlayer SP 1.0 through 1.1.5, allows remote attackers to execute arbitrary code via vectors involving a VIDOBJ_START_CODE code in a header within a video stream.
References
Link | Resource |
---|---|
http://service.real.com/realplayer/security/02062012_player/en/ | Vendor Advisory |
http://secunia.com/advisories/47896 |
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
Configuration 4 (hide)
|
Information
Published : 2012-02-08 07:55
Updated : 2012-02-24 20:21
NVD link : CVE-2012-0924
Mitre link : CVE-2012-0924
JSON object : View
CWE
CWE-94
Improper Control of Generation of Code ('Code Injection')
Products Affected
realnetworks
- realplayer_sp
- realplayer