CVE-2011-10028
published 2025-08-20CVE-2011-10028: The RealNetworks RealArcade platform includes an ActiveX control (InstallerDlg.dll, version 2.6.0.445) that exposes a method named Exec via the…
PriorityP259high8.7CVSS 4.0
AVNACLATNPRNUIPVCHVIHVAHSCNSINSANEXCRXIRXARXMAVXMACXMATXMPRXMUIXMVCXMVIXMVAXMSCXMSIXMSAXSXAUXRXVXREXUX
EXPLOIT
EPSS
1.06%
60.3th percentile
The RealNetworks RealArcade platform includes an ActiveX control (InstallerDlg.dll, version 2.6.0.445) that exposes a method named Exec via the StubbyUtil.ProcessMgr COM object. This method allows remote attackers to execute arbitrary commands on a victim's Windows machine without proper validation or restrictions. This platform was sometimes referred to or otherwise known as RealArcade or Arcade Games and has since consolidated with RealNetworks' platform, GameHouse.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| realnetworks | realarcade_activex | <= 2.6.0.445 | — |
Detection & IOCsextracted from sources · hover to see the quote
- →Monitor for instantiation of the StubbyUtil.ProcessMgr COM object in browser processes, which is the vulnerable ActiveX control exposed by InstallerDlg.dll. ↗
- →Alert on child process spawning from browser processes (e.g., iexplore.exe) where the parent loaded InstallerDlg.dll v2.6.0.445, indicating exploitation of the Exec method. ↗
- →Flag presence of InstallerDlg.dll version 2.6.0.445 loaded within browser processes as a high-risk indicator for this CVE. ↗
- ·The vulnerability is specific to InstallerDlg.dll version 2.6.0.445 only; other versions are not confirmed vulnerable. ↗
- ·This is a browser-based (drive-by) attack vector targeting Windows machines; exploitation requires the victim to visit a malicious page with the vulnerable ActiveX control instantiated. ↗
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No writeups or analysis indexed.
https://advisories.checkpoint.com/defense/advisories/public/2011/cpai-2011-347.htmlhttps://archive.org/details/com.real.arcadehttps://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/windows/browser/real_arcade_installerdlg.rbhttps://www.exploit-db.com/exploits/17105https://www.exploit-db.com/exploits/17149https://www.gamehouse.com/https://www.vulncheck.com/advisories/real-networks-arcade-games-activex-arbitrary-code-executionhttps://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/windows/browser/real_arcade_installerdlg.rbhttps://www.exploit-db.com/exploits/17105https://www.exploit-db.com/exploits/17149
2025-08-20
Published