CVE-2012-5691

Published: Dec 19, 2012Modified: Apr 29, 2026

9.3

Vector

AV:N/AC:M/Au:N/C:C/I:C/A:C

Exploitability: 8.6 / Impact: 10.0

Source: NVD

Description

Buffer overflow in RealNetworks RealPlayer before 16.0.0.282 and RealPlayer SP 1.0 through 1.1.5 allows remote attackers to execute arbitrary code via a crafted RealMedia file.

Affected (44)

Products: Realnetworks: Realplayer, Realplayer Sp

Realnetworks

2 products

Realplayer

Realplayer Sp

Configuration A

34 vulnerable

Vulnerable Software	Affected Versions
Realnetworks Realplayer	Up to 16.0.0
Realnetworks Realplayer	Version 10.0
Realnetworks Realplayer	Version 10.5
Realnetworks Realplayer	Version 11.0.1
Realnetworks Realplayer	Version 11.0.2.1744
Realnetworks Realplayer	Version 11.0.2.2315
Realnetworks Realplayer	Version 11.0.2
Realnetworks Realplayer	Version 11.0.3
Realnetworks Realplayer	Version 11.0.4
Realnetworks Realplayer	Version 11.0.5
Realnetworks Realplayer	Version 11.0
Realnetworks Realplayer	Version 11.1.3
Realnetworks Realplayer	Version 11.1
Realnetworks Realplayer	Version 11_build_6.0.14.748
Realnetworks Realplayer	Version 12.0.0.1444
Realnetworks Realplayer	Version 12.0.0.1548
Realnetworks Realplayer	Version 14.0.0
Realnetworks Realplayer	Version 14.0.1.609
Realnetworks Realplayer	Version 14.0.1
Realnetworks Realplayer	Version 14.0.2
Realnetworks Realplayer	Version 14.0.3
Realnetworks Realplayer	Version 14.0.4
Realnetworks Realplayer	Version 14.0.5
Realnetworks Realplayer	Version 15.0.0
Realnetworks Realplayer	Version 15.0.4.43
Realnetworks Realplayer	Version 15.0.4
Realnetworks Realplayer	Version 15.0.5.109
Realnetworks Realplayer	Version 15.0.6.14
Realnetworks Realplayer	Version 15.02.71
Realnetworks Realplayer	Version 4
Realnetworks Realplayer	Version 5
Realnetworks Realplayer	Version 6
Realnetworks Realplayer	Version 7
Realnetworks Realplayer	Version 8

Configuration B

10 vulnerable

Vulnerable Software	Affected Versions
Realnetworks Realplayer Sp	Version 1.0.0
Realnetworks Realplayer Sp	Version 1.0.1
Realnetworks Realplayer Sp	Version 1.0.2
Realnetworks Realplayer Sp	Version 1.0.5
Realnetworks Realplayer Sp	Version 1.1.1
Realnetworks Realplayer Sp	Version 1.1.2
Realnetworks Realplayer Sp	Version 1.1.3
Realnetworks Realplayer Sp	Version 1.1.4
Realnetworks Realplayer Sp	Version 1.1.5
Realnetworks Realplayer Sp	Version 1.1

Related CWEs

CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

References (2)

http://service.real.com/realplayer/security/12142012_player/en/

Source: cve@mitre.org

Vendor Advisory

http://service.real.com/realplayer/security/12142012_player/en/

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.