|
|
|||
| Rule General Information |
|---|
| Release Date: | 2019-09-02 | |
| Rule Name: | RealNetworks RealPlayer QCP Parsing Buffer Overflow Vulnerability (CVE-2011-2950) | |
| Severity: | ||
| CVE ID: | ||
| Rule Protection Details |
|---|
| Description: | Heap-based buffer overflow in qcpfformat.dll in RealNetworks RealPlayer 11.0 through 11.1 and 14.0.0 through 14.0.5 and RealPlayer SP 1.0 through 1.1.5 allows remote attackers to execute arbitrary code via a crafted QCP file. | |
| Impact: | A buffer overflow vulnerability can be triggered by an attacker in the context of the vulnerable product. Further attacks includes arbitrary code execution and denial of service. | |
| Affected OS: | Windows, Others | |
| Reference: | SecurityFocusBID:49172 http://securityreason.com/securityalert/8388 http://service.real.com/realplayer/security/08162011_player/en/ SecurityTrackerID:1025943 |
|
| Solutions |
|---|
| The vendors have released upgrade patches to fix vulnerabilities, please visit: http://service.real.com/realplayer/security/08162011_player/en/ |