What is the severity of CVE-2012-1904?

CVE-2012-1904 is classified as a high severity vulnerability that allows remote attackers to cause a denial of service through crafted MP4 files.

How do I fix CVE-2012-1904?

To mitigate CVE-2012-1904, users should update to a version of RealPlayer that is higher than 15.0.0 or apply available patches from RealNetworks.

What versions of RealPlayer are affected by CVE-2012-1904?

CVE-2012-1904 affects RealPlayer versions 15.0.0 and earlier, as well as various versions of RealPlayer SP up to 1.1.4.

What symptoms might indicate an exploit of CVE-2012-1904?

Exploitation of CVE-2012-1904 may lead to symptoms such as application crashes or unexpected behavior when playing certain MP4 files.

Who is at risk from CVE-2012-1904?

Any user running vulnerable versions of RealPlayer or RealNetworks RealPlayer SP is at risk from CVE-2012-1904.

Vulnerability/
CVE-2012-1904

medium

4.3

CWE

119

28/3/2012

6/8/2024

CVE-2012-1904: Buffer Overflow

First published: Wed Mar 28 2012(Updated: )

mp4fformat.dll in the QuickTime File Format plugin in RealNetworks RealPlayer 15 and earlier, and RealPlayer SP 1.1.4 Build 12.0.0.756 and earlier, allows remote attackers to cause a denial of service (memory corruption and application crash) via a crafted MP4 file.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
RealPlayer	<=15.0.0
RealPlayer	=4
RealPlayer	=5
RealPlayer	=6
RealPlayer	=7
RealPlayer	=8
RealPlayer	=10.0
RealPlayer	=10.5
RealPlayer	=11.0
RealPlayer	=11.0.1
RealPlayer	=11.0.2
RealPlayer	=11.0.2.1744
RealPlayer	=11.0.2.2315
RealPlayer	=11.0.3
RealPlayer	=11.0.4
RealPlayer	=11.0.5
RealPlayer	=11.1
RealPlayer	=11.1.3
RealPlayer	=11_build_6.0.14.748
RealPlayer	=12.0.0.1444
RealPlayer	=12.0.0.1548
RealPlayer	=14.0.0
RealPlayer	=14.0.1
RealPlayer	=14.0.1.609
RealPlayer	=14.0.2
RealPlayer	=14.0.3
RealPlayer	=14.0.4
RealPlayer	=14.0.5
RealNetworks RealPlayer SP	<=1.1.4
RealNetworks RealPlayer SP	=1.0.0
RealNetworks RealPlayer SP	=1.0.1
RealNetworks RealPlayer SP	=1.0.2
RealNetworks RealPlayer SP	=1.0.5
RealNetworks RealPlayer SP	=1.1
RealNetworks RealPlayer SP	=1.1.1
RealNetworks RealPlayer SP	=1.1.2
RealNetworks RealPlayer SP	=1.1.3

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2012-1904?
CVE-2012-1904 is classified as a high severity vulnerability that allows remote attackers to cause a denial of service through crafted MP4 files.
How do I fix CVE-2012-1904?
To mitigate CVE-2012-1904, users should update to a version of RealPlayer that is higher than 15.0.0 or apply available patches from RealNetworks.
What versions of RealPlayer are affected by CVE-2012-1904?
CVE-2012-1904 affects RealPlayer versions 15.0.0 and earlier, as well as various versions of RealPlayer SP up to 1.1.4.
What symptoms might indicate an exploit of CVE-2012-1904?
Exploitation of CVE-2012-1904 may lead to symptoms such as application crashes or unexpected behavior when playing certain MP4 files.
Who is at risk from CVE-2012-1904?
Any user running vulnerable versions of RealPlayer or RealNetworks RealPlayer SP is at risk from CVE-2012-1904.

agent/type
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/weakness
agent/severity
agent/author
agent/softwarecombine
agent/references
agent/description
agent/first-publish-date
agent/event
agent/source
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
vendor/realnetworks
canonical/realplayer
version/realplayer/15.0.0
version/realplayer/4
version/realplayer/5
version/realplayer/6
version/realplayer/7
version/realplayer/8
version/realplayer/10.0
version/realplayer/10.5
version/realplayer/11.0
version/realplayer/11.0.1
version/realplayer/11.0.2
version/realplayer/11.0.2.1744
version/realplayer/11.0.2.2315
version/realplayer/11.0.3
version/realplayer/11.0.4
version/realplayer/11.0.5
version/realplayer/11.1
version/realplayer/11.1.3
version/realplayer/11_build_6.0.14.748
version/realplayer/12.0.0.1444
version/realplayer/12.0.0.1548
version/realplayer/14.0.0
version/realplayer/14.0.1
version/realplayer/14.0.1.609
version/realplayer/14.0.2
version/realplayer/14.0.3
version/realplayer/14.0.4
version/realplayer/14.0.5
canonical/realnetworks realplayer sp
version/realnetworks realplayer sp/1.1.4
version/realnetworks realplayer sp/1.0.0
version/realnetworks realplayer sp/1.0.1
version/realnetworks realplayer sp/1.0.2
version/realnetworks realplayer sp/1.0.5
version/realnetworks realplayer sp/1.1
version/realnetworks realplayer sp/1.1.1
version/realnetworks realplayer sp/1.1.2
version/realnetworks realplayer sp/1.1.3