RealNetworks RealPlayer 11.0 up to and including 11.1 and 14.0.0 up to and including 14.0.5, RealPlayer SP 1.0 up to and including 1.1.5, RealPlayer Enterprise 2.0 up to and including 2.1.5, and Mac RealPlayer 12.0.0.1569 do not properly handle DEFINEFONT fields in SWF files, which allows remote malicious users to execute arbitrary code or cause a denial of service (heap memory corruption) via a crafted file.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
realnetworks realplayer 11.0 |
||
realnetworks realplayer 11.1 |
||
realnetworks realplayer 14.0.3 |
||
realnetworks realplayer 14.0.4 |
||
realnetworks realplayer 14.0.0 |
||
realnetworks realplayer 14.0.5 |
||
realnetworks realplayer 14.0.1 |
||
realnetworks realplayer 14.0.2 |
||
realnetworks realplayer sp 1.1.2 |
||
realnetworks realplayer sp 1.1.1 |
||
realnetworks realplayer sp 1.1.5 |
||
realnetworks realplayer sp 1.0.0 |
||
realnetworks realplayer sp 1.1.4 |
||
realnetworks realplayer sp 1.1 |
||
realnetworks realplayer sp 1.0.5 |
||
realnetworks realplayer sp 1.0.2 |
||
realnetworks realplayer sp 1.0.1 |
||
realnetworks realplayer sp 1.1.3 |
||
realnetworks realplayer 2.1.4 |
||
realnetworks realplayer 2.1.5 |
||
realnetworks realplayer 2.1.2 |
||
realnetworks realplayer 2.1.3 |
||
realnetworks realplayer 2.0 |
||
realnetworks realplayer 12.0.0.1569 |
Vulmon