CVE-2010-4393

Name of the Vulnerable Software and Affected Versions RealPlayer versions 11.0 through 11.1 RealPlayer versions 14.0.x prior to 14.0.2 RealPlayer SP versions 1.0 through 1.1.5

Description The issue is related to a heap-based buffer overflow in the vidplin.dll component, which can be exploited by remote attackers through a crafted header in an AVI file, allowing them to execute arbitrary code.

Recommendations For RealPlayer versions 11.0 through 11.1, update to a version outside of this range to resolve the issue. For RealPlayer versions 14.0.x prior to 14.0.2, update to version 14.0.2 or later. For RealPlayer SP versions 1.0 through 1.1.5, update to a version outside of this range to mitigate the risk.