Lucene search
HistoryMay 18, 2012 - 6:55 p.m.
CVE-2012-2406
9.3 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
7.5 High
AI Score
Confidence
Low
0.022 Low
EPSS
Percentile
89.4%
RealNetworks RealPlayer before 15.0.4.53, and RealPlayer SP 1.0 through 1.1.5, does not properly parse ASMRuleBook data in RealMedia files, which allows remote attackers to execute arbitrary code via a crafted file.
Affected configurations
Node
realnetworksrealplayerRange≤15.0.4
ORrealnetworksrealplayerMatch4
ORrealnetworksrealplayerMatch5
ORrealnetworksrealplayerMatch6
ORrealnetworksrealplayerMatch7
ORrealnetworksrealplayerMatch8
ORrealnetworksrealplayerMatch10.0
ORrealnetworksrealplayerMatch10.5
ORrealnetworksrealplayerMatch11.0
ORrealnetworksrealplayerMatch11.0.1
ORrealnetworksrealplayerMatch11.0.2
ORrealnetworksrealplayerMatch11.0.2.1744
ORrealnetworksrealplayerMatch11.0.2.2315
ORrealnetworksrealplayerMatch11.0.3
ORrealnetworksrealplayerMatch11.0.4
ORrealnetworksrealplayerMatch11.0.5
ORrealnetworksrealplayerMatch11.1
ORrealnetworksrealplayerMatch11.1.3
ORrealnetworksrealplayerMatch11_build_6.0.14.748
ORrealnetworksrealplayerMatch12.0.0.1444
ORrealnetworksrealplayerMatch12.0.0.1548
ORrealnetworksrealplayerMatch14.0.0
ORrealnetworksrealplayerMatch14.0.1
ORrealnetworksrealplayerMatch14.0.1.609
ORrealnetworksrealplayerMatch14.0.2
ORrealnetworksrealplayerMatch14.0.3
ORrealnetworksrealplayerMatch14.0.4
ORrealnetworksrealplayerMatch14.0.5
ORrealnetworksrealplayerMatch15.0.0
ORrealnetworksrealplayerMatch15.0.1.13
ORrealnetworksrealplayerMatch15.02.71
ORrealnetworksrealplayer_spMatch1.0.0
ORrealnetworksrealplayer_spMatch1.0.1
ORrealnetworksrealplayer_spMatch1.0.2
ORrealnetworksrealplayer_spMatch1.0.5
ORrealnetworksrealplayer_spMatch1.1
ORrealnetworksrealplayer_spMatch1.1.1
ORrealnetworksrealplayer_spMatch1.1.2
ORrealnetworksrealplayer_spMatch1.1.3
ORrealnetworksrealplayer_spMatch1.1.4
ORrealnetworksrealplayer_spMatch1.1.5
Node
realnetworksrealplayer_spMatch1.0.0
ORrealnetworksrealplayer_spMatch1.0.1
ORrealnetworksrealplayer_spMatch1.0.2
ORrealnetworksrealplayer_spMatch1.0.5
ORrealnetworksrealplayer_spMatch1.1
ORrealnetworksrealplayer_spMatch1.1.1
ORrealnetworksrealplayer_spMatch1.1.2
ORrealnetworksrealplayer_spMatch1.1.3
ORrealnetworksrealplayer_spMatch1.1.4
Related
cve
cve
CVE-2012-2406
2012-05-18 18:55:01
prion
prion
Code injection
2012-05-18 18:55:00
cvelist
cvelist
CVE-2012-2406
2012-05-18 18:00:00
nessus
nessus
RealPlayer for Windows < 15.0.4.53 Multiple Vulnerabilities
2012-05-17 00:00:00
Real Networks RealPlayer < 15.0.4.53 Multiple Vulnerabilities
2012-05-17 00:00:00
openvas
openvas
9.3 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
7.5 High
AI Score
Confidence
Low
0.022 Low
EPSS
Percentile
89.4%
Related for NVD:CVE-2012-2406