cbcvebase.
CVE-2011-10016
published 2025-08-13

CVE-2011-10016: Real Networks Netzip Classic version 7.5.1.86 is vulnerable to a stack-based buffer overflow when parsing a specially crafted ZIP archive. The vulnerability is…

PriorityP350critical9.3CVSS 4.0
AVLACLATNPRNUIAVCHVIHVAHSCHSIHSAHEXCRXIRXARXMAVXMACXMATXMPRXMUIXMVCXMVIXMVAXMSCXMSIXMSAXSXAUXRXVXREXUX
EXPLOIT
EPSS
0.40%
31.6th percentile
Real Networks Netzip Classic version 7.5.1.86 is vulnerable to a stack-based buffer overflow when parsing a specially crafted ZIP archive. The vulnerability is triggered when the application attempts to process a file name within the archive that exceeds the expected buffer size. Exploitation allows arbitrary code execution under the context of the victim user when the ZIP file is opened.

Affected

1 ranges
VendorProductVersion rangeFixed in
realnetworks_incnetzip_classic

Detection & IOCsextracted from sources · hover to see the quote

  • Vulnerability is triggered by a ZIP archive containing a filename that exceeds the expected buffer size; monitor for ZIP files with abnormally long filenames being opened by NetZip Classic.
  • Exploitation requires user interaction — an attacker must deliver a specially crafted ZIP file and convince the victim to open it with NetZip Classic; monitor for suspicious ZIP file delivery via email or web to users running NetZip Classic 7.5.1.86.
  • ·Affected version is specifically Real Networks Netzip Classic 7.5.1.86 (Windows); exploitation results in code execution under the victim user's context only — no privilege escalation beyond the current user.
  • ·The Metasploit module targets the fileformat vector (file-based exploitation), meaning no network listener is required on the victim side; the attack is entirely client-side.
CVEs like this are exactly what “Exploited This Week” covers.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.