CVE-2012-2408

The AAC SDK in RealNetworks RealPlayer before 15.0.6.14, RealPlayer SP 1.0 through 1.1.5, and Mac RealPlayer before 12.0.1.1750 allows remote attackers to cause a denial of service (heap memory corruption) or possibly have unspecified other impact via a crafted AAC file that is not properly handled during decoding.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:realnetworks:realplayer:*:*:*:*:*:*:*:*
cpe:2.3:a:realnetworks:realplayer:2.1.2:*:enterprise:*:*:*:*:*
cpe:2.3:a:realnetworks:realplayer:2.1.3:*:enterprise:*:*:*:*:*
cpe:2.3:a:realnetworks:realplayer:2.1.4:*:enterprise:*:*:*:*:*
cpe:2.3:a:realnetworks:realplayer:4:*:*:*:*:*:*:*
cpe:2.3:a:realnetworks:realplayer:5:*:*:*:*:*:*:*
cpe:2.3:a:realnetworks:realplayer:6:*:*:*:*:*:*:*
cpe:2.3:a:realnetworks:realplayer:7:*:*:*:*:*:*:*
cpe:2.3:a:realnetworks:realplayer:8:*:*:*:*:*:*:*
cpe:2.3:a:realnetworks:realplayer:10.0:*:*:*:*:*:*:*
cpe:2.3:a:realnetworks:realplayer:10.5:*:*:*:*:*:*:*
cpe:2.3:a:realnetworks:realplayer:11.0:*:*:*:*:*:*:*
cpe:2.3:a:realnetworks:realplayer:11.0.1:*:*:*:*:*:*:*
cpe:2.3:a:realnetworks:realplayer:11.0.2:*:*:*:*:*:*:*
cpe:2.3:a:realnetworks:realplayer:11.0.2.1744:*:*:*:*:*:*:*
cpe:2.3:a:realnetworks:realplayer:11.0.2.2315:*:*:*:*:*:*:*
cpe:2.3:a:realnetworks:realplayer:11.0.3:*:*:*:*:*:*:*
cpe:2.3:a:realnetworks:realplayer:11.0.4:*:*:*:*:*:*:*
cpe:2.3:a:realnetworks:realplayer:11.0.5:*:*:*:*:*:*:*
cpe:2.3:a:realnetworks:realplayer:11.1:*:*:*:*:*:*:*
cpe:2.3:a:realnetworks:realplayer:11.1.3:*:*:*:*:*:*:*
cpe:2.3:a:realnetworks:realplayer:11_build_6.0.14.748:*:*:*:*:*:*:*
cpe:2.3:a:realnetworks:realplayer:12.0.0.1444:*:*:*:*:*:*:*
cpe:2.3:a:realnetworks:realplayer:12.0.0.1548:*:*:*:*:*:*:*
cpe:2.3:a:realnetworks:realplayer:14.0.0:*:*:*:*:*:*:*
cpe:2.3:a:realnetworks:realplayer:14.0.1:*:*:*:*:*:*:*
cpe:2.3:a:realnetworks:realplayer:14.0.1.609:*:*:*:*:*:*:*
cpe:2.3:a:realnetworks:realplayer:14.0.2:*:*:*:*:*:*:*
cpe:2.3:a:realnetworks:realplayer:14.0.3:*:*:*:*:*:*:*
cpe:2.3:a:realnetworks:realplayer:14.0.4:*:*:*:*:*:*:*
cpe:2.3:a:realnetworks:realplayer:14.0.5:*:*:*:*:*:*:*
cpe:2.3:a:realnetworks:realplayer:15.0.2.72:*:*:*:*:*:*:*
cpe:2.3:a:realnetworks:realplayer:15.0.3.37:*:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:a:realnetworks:realplayer_sp:1.0.0:*:*:*:*:*:*:*
cpe:2.3:a:realnetworks:realplayer_sp:1.0.1:*:*:*:*:*:*:*
cpe:2.3:a:realnetworks:realplayer_sp:1.0.2:*:*:*:*:*:*:*
cpe:2.3:a:realnetworks:realplayer_sp:1.0.5:*:*:*:*:*:*:*
cpe:2.3:a:realnetworks:realplayer_sp:1.1:*:*:*:*:*:*:*
cpe:2.3:a:realnetworks:realplayer_sp:1.1.1:*:*:*:*:*:*:*
cpe:2.3:a:realnetworks:realplayer_sp:1.1.2:*:*:*:*:*:*:*
cpe:2.3:a:realnetworks:realplayer_sp:1.1.3:*:*:*:*:*:*:*
cpe:2.3:a:realnetworks:realplayer_sp:1.1.4:*:*:*:*:*:*:*
cpe:2.3:a:realnetworks:realplayer_sp:1.1.5:*:*:*:*:*:*:*

Configuration 3 (hide)

cpe:2.3:a:realnetworks:realplayer:12.0.0.1701:*:mac:*:*:*:*:*

History

21 Nov 2024, 01:39

Type Values Removed Values Added
References () http://service.real.com/realplayer/security/09072012_player/en/ - Vendor Advisory () http://service.real.com/realplayer/security/09072012_player/en/ - Vendor Advisory
References () https://exchange.xforce.ibmcloud.com/vulnerabilities/78385 - () https://exchange.xforce.ibmcloud.com/vulnerabilities/78385 -

Information

Published : 2012-09-12 10:38

Updated : 2024-11-21 01:39


NVD link : CVE-2012-2408

Mitre link : CVE-2012-2408

CVE.ORG link : CVE-2012-2408


JSON object : View

Products Affected

realnetworks

  • realplayer_sp
  • realplayer
CWE
CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer