CVSS: 9.3EPSS: 2%CPEs: 50EXPL: 0CVE-2012-2406
https://notcve.org/view.php?id=CVE-2012-2406
RealNetworks RealPlayer before 15.0.4.53, and RealPlayer SP 1.0 through 1.1.5, does not properly parse ASMRuleBook data in RealMedia files, which allows remote attackers to execute arbitrary code via a crafted file. RealNetworks RealPlayer antes de v15.0.4.53, y RealPlayer SP v1.0 a v1.1.5, no analiza correctamente los datos ASMRuleBook en los archivos de RealMedia, lo que permite a atacantes remotos ejecutar código arbitrario a través de un archivo malicioso. • http://osvdb.org/81943 http://secunia.com/advisories/49193 http://service.real.com/realplayer/security/05152012_player/en http://www.securitytracker.com/id?1027076 https://exchange.xforce.ibmcloud.com/vulnerabilities/75647 •
CVSS: 9.3EPSS: 8%CPEs: 50EXPL: 0CVE-2012-2411
https://notcve.org/view.php?id=CVE-2012-2411
Buffer overflow in RealNetworks RealPlayer before 15.0.4.53, and RealPlayer SP 1.0 through 1.1.5, allows remote attackers to execute arbitrary code via a crafted RealJukebox Media file. Desbordamiento de búfer en RealPlayer de RealNetworks antes v15.0.4.53, y RealPlayer SP v1.0 a v1.1.5, permite a atacantes remotos ejecutar código arbitrario a través de un archivo RealJukebox Media modificado. • http://osvdb.org/81944 http://secunia.com/advisories/49193 http://service.real.com/realplayer/security/05152012_player/en http://www.securitytracker.com/id?1027076 https://exchange.xforce.ibmcloud.com/vulnerabilities/75648 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •