NVD

Id
9656  
Name
CVE-2011-2948  
Description
RealNetworks RealPlayer 11.0 through 11.1 and 14.0.0 through 14.0.5, RealPlayer SP 1.0 through 1.1.5, RealPlayer Enterprise 2.0 through 2.1.5, and Mac RealPlayer 12.0.0.1569 do not properly handle DEFINEFONT fields in SWF files, which allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a crafted file.  
Reject
 
CVSS Version
2  
CVSS Score
9.3  
Severity
High  
CVSS Base Score
9.3  
CVSS Impact Subscore
10  
CVSS Exploit Subscore
8.6  
CVSS Vector
(AV:N/AC:M/Au:N/C:C/I:C/A:C)  
Pub Date
2017-01-07  
Published
2011-08-18  
Modified Date
2011-10-05  
Seq
2011-2948  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
55249 9656 CVE-2011-2948 http://service.real.com/realplayer/security/08162011_player/en/  View
55250 9656 CVE-2011-2948 1025943  View
55251 9656 CVE-2011-2948 http://zerodayinitiative.com/advisories/ZDI-11-268/  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
31958 JVNDB-2011-002198 RealNetworks RealPlayer および RealPlayer Enterprise における任意のコードを実行される脆弱性 RealNetworks RealPlayer および RealPlayer Enterprise は、SWF ファイルの DEFINEFONT フィールドを適切に処理しないため、任意のコードを実行される、またはサービス運用妨害 (ヒープメモリの破損) 状態となる脆弱性が存在します。 CVE-2011-2948 50855 CVE-2011-2948 9656 9.3 http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-002198.html 2011-08-16 2011-09-09 View