What is the severity of CVE-2012-2408?

CVE-2012-2408 has a severity rating that indicates it can cause a denial of service due to heap memory corruption.

How do I fix CVE-2012-2408?

To fix CVE-2012-2408, you should upgrade to the latest version of RealPlayer that addresses this vulnerability.

What software is affected by CVE-2012-2408?

CVE-2012-2408 affects several versions of RealPlayer up to and including version 15.0.5.109 and specific versions of RealNetworks RealPlayer SP.

What type of attack can exploit CVE-2012-2408?

CVE-2012-2408 can be exploited by attackers through a crafted AAC file designed to trigger heap memory corruption.

Are there any known exploits for CVE-2012-2408?

There are no specific known exploits publicly available for CVE-2012-2408, but the vulnerability poses a risk of denial of service.

Vulnerability/
CVE-2012-2408

medium

6.8

CWE

119

12/9/2012

6/8/2024

CVE-2012-2408: Buffer Overflow

First published: Wed Sep 12 2012(Updated: )

The AAC SDK in RealNetworks RealPlayer before 15.0.6.14, RealPlayer SP 1.0 through 1.1.5, and Mac RealPlayer before 12.0.1.1750 allows remote attackers to cause a denial of service (heap memory corruption) or possibly have unspecified other impact via a crafted AAC file that is not properly handled during decoding.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
RealPlayer	<=15.0.5.109
RealPlayer	=2.1.2
RealPlayer	=2.1.3
RealPlayer	=2.1.4
RealPlayer	=4
RealPlayer	=5
RealPlayer	=6
RealPlayer	=7
RealPlayer	=8
RealPlayer	=10.0
RealPlayer	=10.5
RealPlayer	=11.0
RealPlayer	=11.0.1
RealPlayer	=11.0.2
RealPlayer	=11.0.2.1744
RealPlayer	=11.0.2.2315
RealPlayer	=11.0.3
RealPlayer	=11.0.4
RealPlayer	=11.0.5
RealPlayer	=11.1
RealPlayer	=11.1.3
RealPlayer	=11_build_6.0.14.748
RealPlayer	=12.0.0.1444
RealPlayer	=12.0.0.1548
RealPlayer	=14.0.0
RealPlayer	=14.0.1
RealPlayer	=14.0.1.609
RealPlayer	=14.0.2
RealPlayer	=14.0.3
RealPlayer	=14.0.4
RealPlayer	=14.0.5
RealPlayer	=15.0.2.72
RealPlayer	=15.0.3.37
RealNetworks RealPlayer SP	=1.0.0
RealNetworks RealPlayer SP	=1.0.1
RealNetworks RealPlayer SP	=1.0.2
RealNetworks RealPlayer SP	=1.0.5
RealNetworks RealPlayer SP	=1.1
RealNetworks RealPlayer SP	=1.1.1
RealNetworks RealPlayer SP	=1.1.2
RealNetworks RealPlayer SP	=1.1.3
RealNetworks RealPlayer SP	=1.1.4
RealNetworks RealPlayer SP	=1.1.5
RealPlayer	=12.0.0.1701

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2012-2408?
CVE-2012-2408 has a severity rating that indicates it can cause a denial of service due to heap memory corruption.
How do I fix CVE-2012-2408?
To fix CVE-2012-2408, you should upgrade to the latest version of RealPlayer that addresses this vulnerability.
What software is affected by CVE-2012-2408?
CVE-2012-2408 affects several versions of RealPlayer up to and including version 15.0.5.109 and specific versions of RealNetworks RealPlayer SP.
What type of attack can exploit CVE-2012-2408?
CVE-2012-2408 can be exploited by attackers through a crafted AAC file designed to trigger heap memory corruption.
Are there any known exploits for CVE-2012-2408?
There are no specific known exploits publicly available for CVE-2012-2408, but the vulnerability poses a risk of denial of service.

agent/references
agent/type
agent/softwarecombine
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/author
agent/severity
agent/weakness
agent/description
agent/first-publish-date
agent/event
agent/source
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
vendor/realnetworks
canonical/realplayer
version/realplayer/15.0.5.109
version/realplayer/2.1.2
version/realplayer/2.1.3
version/realplayer/2.1.4
version/realplayer/4
version/realplayer/5
version/realplayer/6
version/realplayer/7
version/realplayer/8
version/realplayer/10.0
version/realplayer/10.5
version/realplayer/11.0
version/realplayer/11.0.1
version/realplayer/11.0.2
version/realplayer/11.0.2.1744
version/realplayer/11.0.2.2315
version/realplayer/11.0.3
version/realplayer/11.0.4
version/realplayer/11.0.5
version/realplayer/11.1
version/realplayer/11.1.3
version/realplayer/11_build_6.0.14.748
version/realplayer/12.0.0.1444
version/realplayer/12.0.0.1548
version/realplayer/14.0.0
version/realplayer/14.0.1
version/realplayer/14.0.1.609
version/realplayer/14.0.2
version/realplayer/14.0.3
version/realplayer/14.0.4
version/realplayer/14.0.5
version/realplayer/15.0.2.72
version/realplayer/15.0.3.37
canonical/realnetworks realplayer sp
version/realnetworks realplayer sp/1.0.0
version/realnetworks realplayer sp/1.0.1
version/realnetworks realplayer sp/1.0.2
version/realnetworks realplayer sp/1.0.5
version/realnetworks realplayer sp/1.1
version/realnetworks realplayer sp/1.1.1
version/realnetworks realplayer sp/1.1.2
version/realnetworks realplayer sp/1.1.3
version/realnetworks realplayer sp/1.1.4
version/realnetworks realplayer sp/1.1.5
version/realplayer/12.0.0.1701