CVE-2011-1426 in RealPlayerinfo

Summary

The OpenURLInDefaultBrowser method in RealNetworks RealPlayer 11.0 through 11.1 and 14.0.0 through 14.0.2, and RealPlayer SP 1.0 through 1.1.5, launches a default handler for the filename specified in the first argument, which allows remote attackers to execute arbitrary code via a .rnx filename corresponding to a crafted RNX file.

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

Reservation

03/14/2011

Disclosure

04/18/2011

Moderation

VulDB entry created

Entries

VDB-57142 (1)

CPE

ready

CWE

CWE-119 (Confirmed)

Exploit

Download

CVSS

10.0

EPSS

0.05602

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2011-1426
NVD	https://nvd.nist.gov/vuln/detail/CVE-2011-1426
CVE Details	https://www.cvedetails.com/cve/CVE-2011-1426/

◂ Previous Overview Next ▸

Want to stay up to date on a daily basis?

Enable the mail alert feature now!