CVE-2011-4260

2011-11-2411:55:00

CWE-94

[email protected]

web.nvd.nist.gov

cve-2011-4260

realnetworks

realplayer

remote code execution

mp4 file

security vulnerability

7.4 High

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.001 Low

EPSS

Percentile

50.6%

JSON

RealNetworks RealPlayer before 15.0.0 allows remote attackers to execute arbitrary code via a malformed header in an MP4 file.

CPENameOperatorVersion
realnetworks:realplayerrealnetworks realplayereq11.0
realnetworks:realplayerrealnetworks realplayereq10.0
realnetworks:realplayerrealnetworks realplayerle14.0.7
realnetworks:realplayerrealnetworks realplayereq11.0.4
realnetworks:realplayerrealnetworks realplayereq4
realnetworks:realplayerrealnetworks realplayereq14.0.3
realnetworks:realplayerrealnetworks realplayereq5
realnetworks:realplayerrealnetworks realplayereq14.0.1
realnetworks:realplayerrealnetworks realplayereq12.0.0.1444
realnetworks:realplayerrealnetworks realplayereq11.0.2

CPE	Name	Operator	Version
realnetworks:realplayer	realnetworks realplayer	eq	11.0
realnetworks:realplayer	realnetworks realplayer	eq	10.0
realnetworks:realplayer	realnetworks realplayer	le	14.0.7
realnetworks:realplayer	realnetworks realplayer	eq	11.0.4
realnetworks:realplayer	realnetworks realplayer	eq	4
realnetworks:realplayer	realnetworks realplayer	eq	14.0.3
realnetworks:realplayer	realnetworks realplayer	eq	5
realnetworks:realplayer	realnetworks realplayer	eq	14.0.1
realnetworks:realplayer	realnetworks realplayer	eq	12.0.0.1444
realnetworks:realplayer	realnetworks realplayer	eq	11.0.2