CVE-2012-0924

high

Description

RealNetworks RealPlayer 11.x, 14.x, and 15.x before 15.02.71, and RealPlayer SP 1.0 through 1.1.5, allows remote attackers to execute arbitrary code via vectors involving a VIDOBJ_START_CODE code in a header within a video stream.

References

http://secunia.com/advisories/47896

http://service.real.com/realplayer/security/02062012_player/en/

Details

Source: MITRE

Published: 2012-02-08

Updated: 2012-02-25

Type: CWE-94

Risk Information

CVSS v2

Base Score: 9.3

Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Impact Score: 10

Exploitability Score: 8.6

Severity: HIGH