CVE-2007-2264

Name of the Vulnerable Software and Affected Versions RealPlayer versions 8, 10, 10.1 RealOne Player versions 1, 2 RealPlayer Enterprise (affected versions not specified)

Description The issue is related to a heap-based buffer overflow that can be triggered by a RAM (.ra or .ram) file with a large size value in the RA header, potentially allowing remote attackers to execute arbitrary code.

Recommendations For RealPlayer versions 8, 10, 10.1, consider updating to a version that is not affected by this issue. For RealOne Player versions 1, 2, avoid using the software to play RAM files from untrusted sources until a fix is available. For RealPlayer Enterprise, at the moment, there is no information about a newer version that contains a fix for this vulnerability.