CVE-2012-0922

rvrender.dll in RealNetworks RealPlayer 11.x, 14.x, and 15.x before 15.02.71, and RealPlayer SP 1.0 through 1.1.5, allows remote attackers to execute arbitrary code via crafted flags in an RMFF file.

Published: Feb 8, 2012
Updated: Apr 13, 2023
CVE: CVE-2012-0922
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 9.3
AV:N/AC:M/Au:N/C:C/I:C/A:C

CWEs:

CWE-94

Affected Software
References

Software	From	Fixed in
realnetworks / realplayer	14.0.3	14.0.3.x
realnetworks / realplayer	14.0.1	14.0.1.x
realnetworks / realplayer	14.0.4	14.0.4.x
realnetworks / realplayer	14.0.6	14.0.6.x
realnetworks / realplayer	14.0.7	14.0.7.x
realnetworks / realplayer	14.0.2	14.0.2.x
realnetworks / realplayer	14.0.1.609	14.0.1.609.x
realnetworks / realplayer	14.0.5	14.0.5.x
realnetworks / realplayer	14.0.1.633	14.0.1.633.x
realnetworks / realplayer	14.0.0	14.0.0.x
realnetworks / realplayer	11.0	11.0.x
realnetworks / realplayer	11.0.4	11.0.4.x
realnetworks / realplayer	11.0.2	11.0.2.x
realnetworks / realplayer	11.0.3	11.0.3.x
realnetworks / realplayer	11.0.2.2315	11.0.2.2315.x
realnetworks / realplayer	11.0.5	11.0.5.x
realnetworks / realplayer	11.0.2.1744	11.0.2.1744.x
realnetworks / realplayer	11.1.3	11.1.3.x
realnetworks / realplayer	11.1	11.1.x
realnetworks / realplayer	11.0.1	11.0.1.x
realnetworks / realplayer	11_build_6.0.14.748	11_build_6.0.14.748.x
realnetworks / realplayer	15.0.0	15.0.0.x
realnetworks / realplayer	15.0.1.13	15.0.1.13.x
realnetworks / realplayer_sp	1.0.1	1.0.1.x
realnetworks / realplayer_sp	1.1.5	1.1.5.x
realnetworks / realplayer_sp	1.1.3	1.1.3.x
realnetworks / realplayer_sp	1.0.0	1.0.0.x
realnetworks / realplayer_sp	1.0.2	1.0.2.x
realnetworks / realplayer_sp	1.1	1.1.x
realnetworks / realplayer_sp	1.1.2	1.1.2.x
realnetworks / realplayer_sp	1.1.4	1.1.4.x
realnetworks / realplayer_sp	1.1.1	1.1.1.x
realnetworks / realplayer_sp	1.0.5	1.0.5.x

Vulnerability Database

289,871

CVE-2012-0922