Executive Summary

Informations
NameCVE-2011-4249First vendor Publication2011-11-24
VendorCveLast vendor Modification2012-03-08

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C)
Cvss Base Score10Attack RangeNetwork
Cvss Impact Score10Attack ComplexityLow
Cvss Expoit Score10AuthenticationNone Required
Calculate full CVSS 2.0 Vectors scores

Detail

Array index error in the RV30 codec in RealNetworks RealPlayer before 15.0.0 allows remote attackers to execute arbitrary code via unspecified vectors.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4249

CWE : Common Weakness Enumeration

idName
CWE-20Improper Input Validation

CPE : Common Platform Enumeration

TypeDescriptionCount
Application30

OpenVAS Exploits

DateDescription
2011-11-29Name : RealNetworks RealPlayer Multiple Vulnerabilities Nov - 11 (Win)
File : nvt/secpod_realplayer_mult_vuln_nov11_win.nasl

Open Source Vulnerability Database (OSVDB)

idDescription
77273RealPlayer RV30 Encoded File Handling Index Unspecified Remote Code Execution

Nessus® Vulnerability Scanner

DateDescription
2011-12-06Name : A multimedia application on the remote Windows host is affected by multiple v...
File : realplayer_15_0_0_198.nasl - Type : ACT_GATHER_INFO

Internal Sources (Detail)

SourceUrl
CONFIRMhttp://service.real.com/realplayer/security/11182011_player/en/

Alert History

If you want to see full details history, please login or register.
0
1
DateInformations
2014-02-17 11:06:06
  • Multiple Updates
2013-05-10 23:10:18
  • Multiple Updates