VYPR
Get started
← All advisories
Unrated severityNVD Advisory· Published Jan 3, 2014· Updated Apr 29, 2026

CVE-2013-7260

CVE-2013-7260

Description

Multiple stack-based buffer overflows in RealNetworks RealPlayer before 17.0.4.61 on Windows, and Mac RealPlayer before 12.0.1.1738, allow remote attackers to execute arbitrary code via a long (1) version number or (2) encoding declaration in the XML declaration of an RMP file, a different issue than CVE-2013-6877.

Affected products

50
  • RealNetworks/Realplayer50 versions
    cpe:2.3:a:realnetworks:realplayer:*:*:*:*:*:*:*:*+ 49 more
    • cpe:2.3:a:realnetworks:realplayer:*:*:*:*:*:*:*:*range: <=17.0.4.60
    • cpe:2.3:a:realnetworks:realplayer:10.0:*:*:*:*:*:*:*
    • cpe:2.3:a:realnetworks:realplayer:10.0:10.0.0.305:mac:*:*:*:*:*
    • cpe:2.3:a:realnetworks:realplayer:10.0:10.0.0.331:mac:*:*:*:*:*
    • cpe:2.3:a:realnetworks:realplayer:10.0:10.0.0.352:mac:*:*:*:*:*
    • cpe:2.3:a:realnetworks:realplayer:10.1:10.0.0.396:mac:*:*:*:*:*
    • cpe:2.3:a:realnetworks:realplayer:10.1:10.0.0.412:mac:*:*:*:*:*
    • cpe:2.3:a:realnetworks:realplayer:10.1:10.0.0._481:mac:*:*:*:*:*
    • cpe:2.3:a:realnetworks:realplayer:10.5:*:*:*:*:*:*:*
    • cpe:2.3:a:realnetworks:realplayer:11.0:*:*:*:*:*:*:*
    • cpe:2.3:a:realnetworks:realplayer:11.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:realnetworks:realplayer:11.0.2:*:*:*:*:*:*:*
    • cpe:2.3:a:realnetworks:realplayer:11.0.2.1744:*:*:*:*:*:*:*
    • cpe:2.3:a:realnetworks:realplayer:11.0.2.2315:*:*:*:*:*:*:*
    • cpe:2.3:a:realnetworks:realplayer:11.0.3:*:*:*:*:*:*:*
    • cpe:2.3:a:realnetworks:realplayer:11.0.4:*:*:*:*:*:*:*
    • cpe:2.3:a:realnetworks:realplayer:11.0.5:*:*:*:*:*:*:*
    • cpe:2.3:a:realnetworks:realplayer:11.1:*:*:*:*:*:*:*
    • cpe:2.3:a:realnetworks:realplayer:11.1.3:*:*:*:*:*:*:*
    • cpe:2.3:a:realnetworks:realplayer:11_build_6.0.14.748:*:*:*:*:*:*:*
    • cpe:2.3:a:realnetworks:realplayer:12.0.0.1444:*:*:*:*:*:*:*
    • cpe:2.3:a:realnetworks:realplayer:12.0.0.1548:*:*:*:*:*:*:*
    • cpe:2.3:a:realnetworks:realplayer:12.0.0.1701:*:mac:*:*:*:*:*
    • cpe:2.3:a:realnetworks:realplayer:12.0.1.1737:-:-:*:-:macos:*:*
    • cpe:2.3:a:realnetworks:realplayer:14.0.0:*:*:*:*:*:*:*
    • cpe:2.3:a:realnetworks:realplayer:14.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:realnetworks:realplayer:14.0.1.609:*:*:*:*:*:*:*
    • cpe:2.3:a:realnetworks:realplayer:14.0.2:*:*:*:*:*:*:*
    • cpe:2.3:a:realnetworks:realplayer:14.0.3:*:*:*:*:*:*:*
    • cpe:2.3:a:realnetworks:realplayer:14.0.4:*:*:*:*:*:*:*
    • cpe:2.3:a:realnetworks:realplayer:14.0.5:*:*:*:*:*:*:*
    • cpe:2.3:a:realnetworks:realplayer:15.0.0:*:*:*:*:*:*:*
    • cpe:2.3:a:realnetworks:realplayer:15.02.71:*:*:*:*:*:*:*
    • cpe:2.3:a:realnetworks:realplayer:15.0.4:*:*:*:*:*:*:*
    • cpe:2.3:a:realnetworks:realplayer:15.0.4.43:*:*:*:*:*:*:*
    • cpe:2.3:a:realnetworks:realplayer:15.0.5.109:*:*:*:*:*:*:*
    • cpe:2.3:a:realnetworks:realplayer:15.0.6.14:*:*:*:*:*:*:*
    • cpe:2.3:a:realnetworks:realplayer:16.0.0:*:*:*:*:*:*:*
    • cpe:2.3:a:realnetworks:realplayer:16.0.0.282:*:*:*:*:*:*:*
    • cpe:2.3:a:realnetworks:realplayer:16.0.1.18:*:*:*:*:*:*:*
    • cpe:2.3:a:realnetworks:realplayer:16.0.2.32:*:*:*:*:*:*:*
    • cpe:2.3:a:realnetworks:realplayer:16.0.3.51:*:*:*:*:*:*:*
    • cpe:2.3:a:realnetworks:realplayer:2.1.2:*:enterprise:*:*:*:*:*
    • cpe:2.3:a:realnetworks:realplayer:2.1.3:*:enterprise:*:*:*:*:*
    • cpe:2.3:a:realnetworks:realplayer:2.1.4:*:enterprise:*:*:*:*:*
    • cpe:2.3:a:realnetworks:realplayer:4:*:*:*:*:*:*:*
    • cpe:2.3:a:realnetworks:realplayer:5:*:*:*:*:*:*:*
    • cpe:2.3:a:realnetworks:realplayer:6:*:*:*:*:*:*:*
    • cpe:2.3:a:realnetworks:realplayer:7:*:*:*:*:*:*:*
    • cpe:2.3:a:realnetworks:realplayer:8:*:*:*:*:*:*:*

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

5

News mentions

0

No linked articles in our index yet.