CVE-2013-4974

Published: Aug 27, 2013Modified: Apr 29, 2026

9.3

Vector

AV:N/AC:M/Au:N/C:C/I:C/A:C

Exploitability: 8.6 / Impact: 10.0

Source: NVD

Description

RealNetworks RealPlayer before 16.0.3.51, and RealPlayer SP 1.0 through 1.1.5, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a malformed RealMedia file.

Affected (42)

Products: Realnetworks: Realplayer, Realplayer Sp

Realnetworks

2 products

Realplayer

Realplayer Sp

Configuration A

42 vulnerable

Vulnerable Software	Affected Versions
Realnetworks Realplayer	Up to 16.0.2.32
Realnetworks Realplayer	Version 10.0
Realnetworks Realplayer	Version 10.5
Realnetworks Realplayer	Version 11.0.1
Realnetworks Realplayer	Version 11.0.2.1744
Realnetworks Realplayer	Version 11.0.2.2315
Realnetworks Realplayer	Version 11.0.2
Realnetworks Realplayer	Version 11.0.3
Realnetworks Realplayer	Version 11.0.4
Realnetworks Realplayer	Version 11.0.5
Realnetworks Realplayer	Version 11.0
Realnetworks Realplayer	Version 11.1.3
Realnetworks Realplayer	Version 11.1
Realnetworks Realplayer	Version 11_build_6.0.14.748
Realnetworks Realplayer	Version 12.0.0.1444
Realnetworks Realplayer	Version 12.0.0.1548
Realnetworks Realplayer	Version 14.0.0
Realnetworks Realplayer	Version 14.0.1.609
Realnetworks Realplayer	Version 14.0.1
Realnetworks Realplayer	Version 14.0.2
Realnetworks Realplayer	Version 14.0.3
Realnetworks Realplayer	Version 14.0.4
Realnetworks Realplayer	Version 14.0.5
Realnetworks Realplayer	Version 15.0.0
Realnetworks Realplayer	Version 15.0.4.43
Realnetworks Realplayer	Version 15.0.4
Realnetworks Realplayer	Version 15.0.5.109
Realnetworks Realplayer	Version 15.0.6.14
Realnetworks Realplayer	Version 15.02.71
Realnetworks Realplayer	Version 16.0.0.282
Realnetworks Realplayer	Version 16.0.0
Realnetworks Realplayer	Version 16.0.1.18
Realnetworks Realplayer Sp	Version 1.0.0
Realnetworks Realplayer Sp	Version 1.0.1
Realnetworks Realplayer Sp	Version 1.0.2
Realnetworks Realplayer Sp	Version 1.0.5
Realnetworks Realplayer Sp	Version 1.1.1
Realnetworks Realplayer Sp	Version 1.1.2
Realnetworks Realplayer Sp	Version 1.1.3
Realnetworks Realplayer Sp	Version 1.1.4
Realnetworks Realplayer Sp	Version 1.1.5
Realnetworks Realplayer Sp	Version 1.1

Related CWEs

CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

References (4)

http://service.real.com/realplayer/security/08232013_player/en/

Source: cve@mitre.org

Vendor Advisory

http://www.securityfocus.com/bid/61990

Source: cve@mitre.org

http://service.real.com/realplayer/security/08232013_player/en/

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://www.securityfocus.com/bid/61990

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.