rjrmrpln.dll in RealNetworks RealPlayer 11.0 up to and including 11.1, RealPlayer SP 1.0 up to and including 1.1.4, and RealPlayer Enterprise 2.1.2 does not properly validate file contents that are used during interaction with a heap buffer, which allows remote malicious users to execute arbitrary code via crafted Name Value Property (NVP) elements in logical streams in a media file.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
realnetworks realplayer 11.1 |
||
realnetworks realplayer 11.0 |
||
realnetworks realplayer 11.0.1 |
||
realnetworks realplayer 11.0.2 |
||
realnetworks realplayer 11.0.4 |
||
realnetworks realplayer 11.0.3 |
||
realnetworks realplayer 11.0.5 |
||
realnetworks realplayer sp 1.0.0 |
||
realnetworks realplayer sp 1.0.1 |
||
realnetworks realplayer sp 1.0.2 |
||
realnetworks realplayer sp 1.0.5 |
||
realnetworks realplayer sp 1.1 |
||
realnetworks realplayer sp 1.1.2 |
||
realnetworks realplayer sp 1.1.4 |
||
realnetworks realplayer sp 1.1.1 |
||
realnetworks realplayer sp 1.1.3 |
||
realnetworks realplayer 2.1.2 |