Input validation error in RealPlayer - CVE-2011-4250

CSH
CYBERSECURITY HELP
Sign In REGISTER
 
Main Vulnerability Database Vulnerabilities #VU44500

Input validation error in RealPlayer - CVE-2011-4250

Published: November 24, 2011 / Updated: August 11, 2020


Vulnerability identifier: #VU44500
CSH Severity: High
CVSS v4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber
CVE-ID: CVE-2011-4250
CWE-ID: CWE-20
Exploitation vector: Remote access
Exploit availability: No public exploit available
Vendor: RealNetworks
Affected software:
RealPlayer

Detailed vulnerability description

The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.

Unspecified vulnerability in the ATRC codec in RealNetworks RealPlayer before 15.0.0 and Mac RealPlayer before 12.0.0.1703 allows remote attackers to execute arbitrary code via unknown vectors.


How to mitigate CVE-2011-4250

Install update from vendor's website.

Sources