VYPR
Unrated severityNVD Advisory· Published Aug 18, 2011· Updated Jun 16, 2026

CVE-2011-2954

CVE-2011-2954

Description

Use-after-free vulnerability in the AutoUpdate feature in RealNetworks RealPlayer 11.0 through 11.1 and 14.0.0 through 14.0.5 and RealPlayer SP 1.0 through 1.1.5, when an Embedded RealPlayer is used, allows remote attackers to execute arbitrary code via unspecified vectors.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

19
  • cpe:2.3:a:realnetworks:realplayer:11.0:*:*:*:*:*:*:*+ 18 more
    • cpe:2.3:a:realnetworks:realplayer:11.0:*:*:*:*:*:*:*
    • cpe:2.3:a:realnetworks:realplayer:11.1:*:*:*:*:*:*:*
    • cpe:2.3:a:realnetworks:realplayer:14.0.0:*:*:*:*:*:*:*
    • cpe:2.3:a:realnetworks:realplayer:14.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:realnetworks:realplayer:14.0.2:*:*:*:*:*:*:*
    • cpe:2.3:a:realnetworks:realplayer:14.0.3:*:*:*:*:*:*:*
    • cpe:2.3:a:realnetworks:realplayer:14.0.4:*:*:*:*:*:*:*
    • cpe:2.3:a:realnetworks:realplayer:14.0.5:*:*:*:*:*:*:*
    • cpe:2.3:a:realnetworks:realplayer_sp:1.0.0:*:*:*:*:*:*:*
    • cpe:2.3:a:realnetworks:realplayer_sp:1.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:realnetworks:realplayer_sp:1.0.2:*:*:*:*:*:*:*
    • cpe:2.3:a:realnetworks:realplayer_sp:1.0.5:*:*:*:*:*:*:*
    • cpe:2.3:a:realnetworks:realplayer_sp:1.1:*:*:*:*:*:*:*
    • cpe:2.3:a:realnetworks:realplayer_sp:1.1.1:*:*:*:*:*:*:*
    • cpe:2.3:a:realnetworks:realplayer_sp:1.1.2:*:*:*:*:*:*:*
    • cpe:2.3:a:realnetworks:realplayer_sp:1.1.3:*:*:*:*:*:*:*
    • cpe:2.3:a:realnetworks:realplayer_sp:1.1.4:*:*:*:*:*:*:*
    • cpe:2.3:a:realnetworks:realplayer_sp:1.1.5:*:*:*:*:*:*:*
    • (no CPE)range: 11.0-11.1, 14.0.0-14.0.5, SP 1.0-1.1.5

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.