Memory corruption

2011-08-1823:55:00

PRIOn knowledge base

www.prio-n.com

8.1 High

AI Score

Confidence

High

0.075 Low

EPSS

Percentile

94.2%

JSON

RealNetworks RealPlayer 11.0 through 11.1 and 14.0.0 through 14.0.5, RealPlayer SP 1.0 through 1.1.5, RealPlayer Enterprise 2.0 through 2.1.5, and Mac RealPlayer 12.0.0.1569 do not properly handle DEFINEFONT fields in SWF files, which allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a crafted file.

CPENameOperatorVersion
realplayereq11.0
realplayereq11.1
realplayereq14.0.3
realplayereq14.0.1
realplayereq14.0.4
realplayereq14.0.2
realplayereq14.0.5
realplayereq14.0.0
realplayereq12.0.0.1569 mac-os
realplayereq2.1.5 enterprise

Name	Operator	Version
realplayer	eq	11.0
realplayer	eq	11.1
realplayer	eq	14.0.3
realplayer	eq	14.0.1
realplayer	eq	14.0.4
realplayer	eq	14.0.2
realplayer	eq	14.0.5
realplayer	eq	14.0.0
realplayer	eq	12.0.0.1569 mac-os
realplayer	eq	2.1.5 enterprise