CVE-2011-4259

Integer underflow in RealNetworks RealPlayer before 15.0.0 allows remote attackers to execute arbitrary code via a crafted width value in an MPG file.

Published: Nov 24, 2011
Updated: Apr 13, 2023
CVE: CVE-2011-4259
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 9.3
AV:N/AC:M/Au:N/C:C/I:C/A:C

CWEs:

CWE-189

Affected Software
References

Software	From	Fixed in
realnetworks / realplayer	11.0	11.0.x
realnetworks / realplayer	10.0	10.0.x
realnetworks / realplayer	-	14.0.7.x
realnetworks / realplayer	11.0.4	11.0.4.x
realnetworks / realplayer	4	4.x
realnetworks / realplayer	14.0.3	14.0.3.x
realnetworks / realplayer	5	5.x
realnetworks / realplayer	14.0.1	14.0.1.x
realnetworks / realplayer	12.0.0.1444	12.0.0.1444.x
realnetworks / realplayer	11.0.2	11.0.2.x
realnetworks / realplayer	14.0.4	14.0.4.x
realnetworks / realplayer	11.0.3	11.0.3.x
realnetworks / realplayer	14.0.6	14.0.6.x
realnetworks / realplayer	11.0.2.2315	11.0.2.2315.x
realnetworks / realplayer	11.0.5	11.0.5.x
realnetworks / realplayer	8	8.x
realnetworks / realplayer	11.0.2.1744	11.0.2.1744.x
realnetworks / realplayer	7	7.x
realnetworks / realplayer	12.0.0.1548	12.0.0.1548.x
realnetworks / realplayer	11.1.3	11.1.3.x
realnetworks / realplayer	10.5	10.5.x
realnetworks / realplayer	6	6.x
realnetworks / realplayer	11.1	11.1.x
realnetworks / realplayer	11.0.1	11.0.1.x
realnetworks / realplayer	11_build_6.0.14.748	11_build_6.0.14.748.x
realnetworks / realplayer	14.0.2	14.0.2.x
realnetworks / realplayer	14.0.1.609	14.0.1.609.x
realnetworks / realplayer	14.0.5	14.0.5.x
realnetworks / realplayer	14.0.1.633	14.0.1.633.x
realnetworks / realplayer	14.0.0	14.0.0.x

http://service.real.com/realplayer/security/11182011_player/en/

Vulnerability Database

CVE-2011-4259