Unrated severityNVD Advisory· Published Feb 21, 2011· Updated Jun 16, 2026
CVE-2011-0694
CVE-2011-0694
Description
RealNetworks RealPlayer 11.0 through 11.1, SP 1.0 through 1.1.5, and 14.0.0 through 14.0.1, and Enterprise 2.0 through 2.1.4, uses predictable names for temporary files, which allows remote attackers to conduct cross-domain scripting attacks and execute arbitrary code via the OpenURLinPlayerBrowser function.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
20cpe:2.3:a:realnetworks:realplayer:11.0:*:*:*:*:*:*:*+ 19 more
- cpe:2.3:a:realnetworks:realplayer:11.0:*:*:*:*:*:*:*
- cpe:2.3:a:realnetworks:realplayer:11.1:*:*:*:*:*:*:*
- cpe:2.3:a:realnetworks:realplayer:14.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:realnetworks:realplayer:14.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:realnetworks:realplayer:2.0:*:enterprise:*:*:*:*:*
- cpe:2.3:a:realnetworks:realplayer:2.1.2:*:enterprise:*:*:*:*:*
- cpe:2.3:a:realnetworks:realplayer:2.1.3:*:enterprise:*:*:*:*:*
- cpe:2.3:a:realnetworks:realplayer:2.1.4:*:enterprise:*:*:*:*:*
- cpe:2.3:a:realnetworks:realplayer:2.1:*:enterprise:*:*:*:*:*
- cpe:2.3:a:realnetworks:realplayer_sp:1.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:realnetworks:realplayer_sp:1.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:realnetworks:realplayer_sp:1.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:realnetworks:realplayer_sp:1.0.5:*:*:*:*:*:*:*
- cpe:2.3:a:realnetworks:realplayer_sp:1.1:*:*:*:*:*:*:*
- cpe:2.3:a:realnetworks:realplayer_sp:1.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:realnetworks:realplayer_sp:1.1.2:*:*:*:*:*:*:*
- cpe:2.3:a:realnetworks:realplayer_sp:1.1.3:*:*:*:*:*:*:*
- cpe:2.3:a:realnetworks:realplayer_sp:1.1.4:*:*:*:*:*:*:*
- cpe:2.3:a:realnetworks:realplayer_sp:1.1.5:*:*:*:*:*:*:*
- (no CPE)range: 11.0-11.1, SP1.0-1.1.5, 14.0.0-14.0.1, Enterprise 2.0-2.1.4
Patches
Vulnerability mechanics
References
8- docs.real.com/docs/security/SecurityUpdate020811RPE.pdfnvdVendor Advisory
- secunia.com/advisories/43268nvdVendor Advisory
- service.real.com/realplayer/security/02082011_player/en/nvdVendor Advisory
- osvdb.org/70849nvd
- securityreason.com/securityalert/8098nvd
- www.securityfocus.com/archive/1/516318/100/0/threadednvd
- www.securitytracker.com/idnvd
- www.zerodayinitiative.com/advisories/ZDI-11-076nvd
News mentions
0No linked articles in our index yet.