|CVSS SCORE||7.5, (AV:N/AC:L/Au:N/C:P/I:P/A:P)|
The specific flaw exists within how the application processes the audio specific data within a RealMedia audio file. When decoding sample data, the application will explicitly trust a length read from the sample data when populating a buffer that is allocated based on the codec information. Due to this, a memory corruption can be made to occur which can result in code execution within the context of the application.
RealNetworks has issued an update to correct this vulnerability. More details can be found at: