Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
7.5
CVSSv2

CVE-2013-7260

Published: 03/01/2014 Updated: 11/05/2020
CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10
VMScore: 755
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Subscribe to Realnetworks

Vulnerability Summary

Multiple stack-based buffer overflows in RealNetworks RealPlayer prior to 17.0.4.61 on Windows, and Mac RealPlayer prior to 12.0.1.1738, allow remote malicious users to execute arbitrary code via a long (1) version number or (2) encoding declaration in the XML declaration of an RMP file, a different issue than CVE-2013-6877.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

realnetworks realplayer 8

realnetworks realplayer 7

realnetworks realplayer 16.0.3.51

realnetworks realplayer 16.0.2.32

realnetworks realplayer 15.0.4.43

realnetworks realplayer 15.0.4

realnetworks realplayer 15.0.0

realnetworks realplayer 14.0.0

realnetworks realplayer 12.0.0.1548

realnetworks realplayer 11.0.3

realnetworks realplayer 11.0.2.2315

realnetworks realplayer 4

realnetworks realplayer 2.1.4

realnetworks realplayer 16.0.0

realnetworks realplayer 15.02.71

realnetworks realplayer 14.0.3

realnetworks realplayer 14.0.2

realnetworks realplayer 11.1.3

realnetworks realplayer 11.1

realnetworks realplayer 11.0.1

realnetworks realplayer 11.0

realnetworks realplayer

realnetworks realplayer 2.1.3

realnetworks realplayer 2.1.2

realnetworks realplayer 15.0.6.14

realnetworks realplayer 15.0.5.109

realnetworks realplayer 14.0.1.609

realnetworks realplayer 14.0.1

realnetworks realplayer 11.0.5

realnetworks realplayer 11.0.4

realnetworks realplayer 10.5

realnetworks realplayer 10.0

realnetworks realplayer 6

realnetworks realplayer 5

realnetworks realplayer 16.0.1.18

realnetworks realplayer 16.0.0.282

realnetworks realplayer 14.0.5

realnetworks realplayer 14.0.4

realnetworks realplayer 12.0.0.1444

realnetworks realplayer 11_build_6.0.14.748

realnetworks realplayer 11.0.2.1744

realnetworks realplayer 11.0.2

realnetworks realplayer 12.0.1.1737

realnetworks realplayer 10.1

realnetworks realplayer 12.0.0.1701

Exploits

Exploit DB: RealNetworks RealPlayer 16.0.3.51/16.0.2.32 - '.rmp' Version Attribute Buffer Overflow
#!/usr/bin/perl #-----------------------------------------------------------------------------# # Exploit Title: RealNetworks RealPlayer Version Attribute Buffer Overflow # # Date: Dec 20 2013 # # Exploit Author: Gabor Seljan # # Vendor Home ...

References

CWE-119http://service.real.com/realplayer/security/12202013_player/en/http://www.kb.cert.org/vuls/id/698278http://www.exploit-db.com/exploits/30468/http://www.securityfocus.com/bid/64695https://exchange.xforce.ibmcloud.com/vulnerabilities/90160https://nvd.nist.govhttps://www.exploit-db.com/exploits/30468/https://www.kb.cert.org/vuls/id/698278
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
client sideCVE-2023-31889template injectionCVE-2024-4304CVE-2006-4304CVE-2024-33272type confusionCVE-2024-21345CVE-2024-33271
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook