|
|||
Rule General Information |
---|
Release Date: | 2019-09-02 | |
Rule Name: | RealNetworks RealPlayer QCP Parsing Buffer Overflow Vulnerability (CVE-2011-2950) | |
Severity: | ||
CVE ID: | ||
Rule Protection Details |
---|
Description: | Heap-based buffer overflow in qcpfformat.dll in RealNetworks RealPlayer 11.0 through 11.1 and 14.0.0 through 14.0.5 and RealPlayer SP 1.0 through 1.1.5 allows remote attackers to execute arbitrary code via a crafted QCP file. | |
Impact: | A buffer overflow vulnerability can be triggered by an attacker in the context of the vulnerable product. Further attacks includes arbitrary code execution and denial of service. | |
Affected OS: | Windows, Others | |
Reference: | SecurityFocusBID:49172 http://securityreason.com/securityalert/8388 http://service.real.com/realplayer/security/08162011_player/en/ SecurityTrackerID:1025943 |
|
Solutions |
---|
The vendors have released upgrade patches to fix vulnerabilities, please visit: http://service.real.com/realplayer/security/08162011_player/en/ |