cbcvebase.
CVE-2012-2406
published 2012-05-18

CVE-2012-2406: RealNetworks RealPlayer before 15.0.4.53, and RealPlayer SP 1.0 through 1.1.5, does not properly parse ASMRuleBook data in RealMedia files, which allows remote…

PriorityP350critical9.3CVSS 2.0
AVNACMAuNCCICAC
EPSS
4.60%
90.5th percentile
RealNetworks RealPlayer before 15.0.4.53, and RealPlayer SP 1.0 through 1.1.5, does not properly parse ASMRuleBook data in RealMedia files, which allows remote attackers to execute arbitrary code via a crafted file.

Affected

41 ranges· showing 25
VendorProductVersion rangeFixed in
realnetworksrealplayer<= 15.0.4
realnetworksrealplayer
realnetworksrealplayer
realnetworksrealplayer
realnetworksrealplayer
realnetworksrealplayer
realnetworksrealplayer
realnetworksrealplayer
realnetworksrealplayer
realnetworksrealplayer
realnetworksrealplayer
realnetworksrealplayer
realnetworksrealplayer
realnetworksrealplayer
realnetworksrealplayer
realnetworksrealplayer
realnetworksrealplayer
realnetworksrealplayer
realnetworksrealplayer
realnetworksrealplayer
realnetworksrealplayer
realnetworksrealplayer
realnetworksrealplayer
realnetworksrealplayer
realnetworksrealplayer
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.