cpe:/a:realnetworks:realplayer:11.0 cpe:/a:realnetworks:realplayer:11.1 cpe:/a:realnetworks:realplayer:14.0.0 cpe:/a:realnetworks:realplayer:14.0.1 cpe:/a:realnetworks:realplayer:14.0.2 cpe:/a:realnetworks:realplayer:14.0.3 cpe:/a:realnetworks:realplayer:14.0.4 cpe:/a:realnetworks:realplayer:14.0.5 cpe:/a:realnetworks:realplayer_sp:1.0.0 cpe:/a:realnetworks:realplayer_sp:1.0.1 cpe:/a:realnetworks:realplayer_sp:1.0.2 cpe:/a:realnetworks:realplayer_sp:1.0.5 cpe:/a:realnetworks:realplayer_sp:1.1 cpe:/a:realnetworks:realplayer_sp:1.1.1 cpe:/a:realnetworks:realplayer_sp:1.1.2 cpe:/a:realnetworks:realplayer_sp:1.1.3 cpe:/a:realnetworks:realplayer_sp:1.1.4 cpe:/a:realnetworks:realplayer_sp:1.1.5 CVE-2011-2950 2011-08-18T19:55:01.007-04:00 2012-02-13T23:08:05.853-05:00 9.3 NETWORK MEDIUM NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov 2011-08-19T16:17:00.000-04:00 SECTRACK 1025943 BID 49172 SREASON 8388 CONFIRM http://service.real.com/realplayer/security/08162011_player/en/ MISC http://zerodayinitiative.com/advisories/ZDI-11-265/ Heap-based buffer overflow in qcpfformat.dll in RealNetworks RealPlayer 11.0 through 11.1 and 14.0.0 through 14.0.5 and RealPlayer SP 1.0 through 1.1.5 allows remote attackers to execute arbitrary code via a crafted QCP file.