Main Vulnerability Database Vulnerabilities #VU44505

Input validation error in RealPlayer - CVE-2011-4255

Published: November 24, 2011 / Updated: August 11, 2020

Vulnerability identifier: #VU44505

CSH Severity: High

CVSS v4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber

CVE-ID: CVE-2011-4255

CWE-ID: CWE-20

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vendor: RealNetworks

Affected software:
RealPlayer

Detailed vulnerability description

The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.

Unspecified vulnerability in RealNetworks RealPlayer before 15.0.0 and Mac RealPlayer before 12.0.0.1703 allows remote attackers to execute arbitrary code via an invalid codec name.

How to mitigate CVE-2011-4255

Install update from vendor's website.

Sources

http://service.real.com/realplayer/security/11182011_player/en/

Input validation error in RealPlayer - CVE-2011-4255

Detailed vulnerability description

How to mitigate CVE-2011-4255

Sources

Please verify you're human