CVE-2013-1750
critical
CVSS v3
โ
CVSS v4 NEW
โ
VIR risk
9.3
Description
Heap-based buffer overflow in RealNetworks RealPlayer before 16.0.1.18 and RealPlayer SP 1.0 through 1.1.5 allows remote attackers to execute arbitrary code via a malformed MP4 file.
Predictions
Exploit likelihood
20%
Patch ETA
โ
Heuristic predictions, AS-IS, for prioritization only.
Mitigations
No mitigations published for this CVE yet.
The vendor-content worker queues fetches as references arrive (check back in a few minutes). Or โ if you've already worked around this in production โ publish your fix to the community-verified tier.
โ Propose a mitigation on Community โ Mitigations published via the community go through AI scoring + 2 human reviewers + 7-day silent objection window before landing here withsource_tier=community-verified.
Application impact
| Vendor | Product | Versions | Fixed |
|---|---|---|---|
| realnetworks | realplayer | {"endIncluding":"16.0.0.282"} | |
| realnetworks | realplayer | 4 | |
| realnetworks | realplayer | 5 | |
| realnetworks | realplayer | 6 | |
| realnetworks | realplayer | 7 | |
| realnetworks | realplayer | 8 | |
| realnetworks | realplayer | 10.0 | |
| realnetworks | realplayer | 10.5 | |
| realnetworks | realplayer | 11.0 | |
| realnetworks | realplayer | 11.0.1 | |
| realnetworks | realplayer | 11.0.2 | |
| realnetworks | realplayer | 11.0.2.1744 | |
| realnetworks | realplayer | 11.0.2.2315 | |
| realnetworks | realplayer | 11.0.3 | |
| realnetworks | realplayer | 11.0.4 | |
| realnetworks | realplayer | 11.0.5 | |
| realnetworks | realplayer | 11.1 | |
| realnetworks | realplayer | 11.1.3 | |
| realnetworks | realplayer | 11_build_6.0.14.748 | |
| realnetworks | realplayer | 12.0.0.1444 | |
| realnetworks | realplayer | 12.0.0.1548 | |
| realnetworks | realplayer | 14.0.0 | |
| realnetworks | realplayer | 14.0.1 | |
| realnetworks | realplayer | 14.0.1.609 | |
| realnetworks | realplayer | 14.0.2 | |
| realnetworks | realplayer | 14.0.3 | |
| realnetworks | realplayer | 14.0.4 | |
| realnetworks | realplayer | 14.0.5 | |
| realnetworks | realplayer | 15.0.0 | |
| realnetworks | realplayer | 15.0.1.13 | |
| realnetworks | realplayer | 15.0.2.72 | |
| realnetworks | realplayer | 15.0.3.37 | |
| realnetworks | realplayer | 15.0.4 | |
| realnetworks | realplayer | 15.0.4.43 | |
| realnetworks | realplayer | 15.0.5.109 | |
| realnetworks | realplayer | 15.0.6.14 | |
| realnetworks | realplayer | 15.02.71 | |
| realnetworks | realplayer | 16.0.0 | |
| realnetworks | realplayer_sp | 1.0.0 | |
| realnetworks | realplayer_sp | 1.0.1 | |
| realnetworks | realplayer_sp | 1.0.2 | |
| realnetworks | realplayer_sp | 1.0.5 | |
| realnetworks | realplayer_sp | 1.1 | |
| realnetworks | realplayer_sp | 1.1.1 | |
| realnetworks | realplayer_sp | 1.1.2 | |
| realnetworks | realplayer_sp | 1.1.3 | |
| realnetworks | realplayer_sp | 1.1.4 | |
| realnetworks | realplayer_sp | 1.1.5 | |
References
CWEs
CWE-119
Community-verified mitigations for this CVE will appear above when contributors publish them.
Verify integrity in audit chain (admin only). AS-IS.