Realarcade Installer
by RealNetworks
CVEs (4)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2011-10028 | Hig | 0.65 | — | 0.01 | Aug 20, 2025 | The RealNetworks RealArcade platform includes an ActiveX control (InstallerDlg.dll, version 2.6.0.445) that exposes a method named Exec via the StubbyUtil.ProcessMgr COM object. This method allows remote attackers to execute arbitrary commands on a victim's Windows machine… | ||
| CVE-2013-2604 | 0.00 | — | 0.01 | Jan 12, 2015 | RealNetworks GameHouse RealArcade Installer (aka ActiveMARK Game Installer) 2.6.0.481 and 3.0.7 uses weak permissions (Create Files/Write Data) for the GameHouse Games directory tree, which allows local users to gain privileges via a Trojan horse DLL in an individual game's… | |||
| CVE-2013-2603 | 0.00 | — | 0.04 | Jan 12, 2015 | The RACInstaller.StateCtrl.1 ActiveX control in InstallerDlg.dll in RealNetworks GameHouse RealArcade Installer 2.6.0.481 performs unexpected type conversions for invalid parameter types, which allows remote attackers to execute arbitrary code or cause a denial of service… | |||
| CVE-2005-0348 | 0.00 | — | 0.01 | May 2, 2005 | Directory traversal vulnerability in RealArcade 1.2.0.994 allows remote attackers to delete arbitrary files via an RGP file with a .. (dot dot) in the FILENAME tag. |
- risk 0.65cvss —epss 0.01
The RealNetworks RealArcade platform includes an ActiveX control (InstallerDlg.dll, version 2.6.0.445) that exposes a method named Exec via the StubbyUtil.ProcessMgr COM object. This method allows remote attackers to execute arbitrary commands on a victim's Windows machine…
- CVE-2013-2604Jan 12, 2015risk 0.00cvss —epss 0.01
RealNetworks GameHouse RealArcade Installer (aka ActiveMARK Game Installer) 2.6.0.481 and 3.0.7 uses weak permissions (Create Files/Write Data) for the GameHouse Games directory tree, which allows local users to gain privileges via a Trojan horse DLL in an individual game's…
- CVE-2013-2603Jan 12, 2015risk 0.00cvss —epss 0.04
The RACInstaller.StateCtrl.1 ActiveX control in InstallerDlg.dll in RealNetworks GameHouse RealArcade Installer 2.6.0.481 performs unexpected type conversions for invalid parameter types, which allows remote attackers to execute arbitrary code or cause a denial of service…
- CVE-2005-0348May 2, 2005risk 0.00cvss —epss 0.01
Directory traversal vulnerability in RealArcade 1.2.0.994 allows remote attackers to delete arbitrary files via an RGP file with a .. (dot dot) in the FILENAME tag.