Main Vulnerability Database Vulnerabilities #VU44503

Input validation error in RealPlayer - CVE-2011-4253

Published: November 24, 2011 / Updated: August 11, 2020

Vulnerability identifier: #VU44503

CSH Severity: High

CVSS v4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber

CVE-ID: CVE-2011-4253

CWE-ID: CWE-20

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vendor: RealNetworks

Affected software:
RealPlayer

Detailed vulnerability description

The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.

Unspecified vulnerability in the RV20 codec in RealNetworks RealPlayer before 15.0.0 and Mac RealPlayer before 12.0.0.1703 allows remote attackers to execute arbitrary code via unknown vectors.

How to mitigate CVE-2011-4253

Install update from vendor's website.

Sources

http://service.real.com/realplayer/security/11182011_player/en/

Input validation error in RealPlayer - CVE-2011-4253

Detailed vulnerability description

How to mitigate CVE-2011-4253

Sources

Please verify you're human