{"api_version":"1","generated_at":"2026-05-13T10:06:36+00:00","cve":"CVE-2013-7260","urls":{"html":"https://cve.report/CVE-2013-7260","api":"https://cve.report/api/cve/CVE-2013-7260.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2013-7260","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2013-7260"},"summary":{"title":"CVE-2013-7260","description":"Multiple stack-based buffer overflows in RealNetworks RealPlayer before 17.0.4.61 on Windows, and Mac RealPlayer before 12.0.1.1738, allow remote attackers to execute arbitrary code via a long (1) version number or (2) encoding declaration in the XML declaration of an RMP file, a different issue than CVE-2013-6877.","state":"PUBLISHED","assigner":"mitre","published_at":"2014-01-03 20:55:06","updated_at":"2026-04-29 01:13:23"},"problem_types":["CWE-119","n/a"],"metrics":[{"version":"2.0","source":"nvd@nist.gov","type":"Primary","score":"7.5","severity":"","vector":"AV:N/AC:L/Au:N/C:P/I:P/A:P","data":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:P/A:P","baseScore":7.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"}}],"references":[{"url":"http://service.real.com/realplayer/security/12202013_player/en/","name":"http://service.real.com/realplayer/security/12202013_player/en/","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"],"title":"December 2013","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/90160","name":"https://exchange.xforce.ibmcloud.com/vulnerabilities/90160","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"IBM X-Force Exchange","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.kb.cert.org/vuls/id/698278","name":"http://www.kb.cert.org/vuls/id/698278","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["US Government Resource"],"title":"Vulnerability Note VU#698278 - RealPlayer version 16.0.3.51 contains a buffer overflow vulnerability","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.securityfocus.com/bid/64695","name":"http://www.securityfocus.com/bid/64695","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"RealPlayer 'RMP' File Processing Remote Stack Buffer Overflow Vulnerability","mime":"text/html","httpstatus":"200","archivestatus":"0"},{"url":"http://www.exploit-db.com/exploits/30468/","name":"http://www.exploit-db.com/exploits/30468/","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"RealNetworks RealPlayer 16.0.3.51/16.0.2.32 - (.rmp) Version Attribute Buffer Overflow","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.cve.org/CVERecord?id=CVE-2013-7260","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2013-7260","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[{"source":"CNA","vendor":"n/a","product":"n/a","version":"affected n/a","platforms":[]}],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2013","cve_id":"7260","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"realnetworks","cpe5":"realplayer","cpe6":"10.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2013","cve_id":"7260","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"realnetworks","cpe5":"realplayer","cpe6":"10.0","cpe7":"10.0.0.305","cpe8":"mac","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2013","cve_id":"7260","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"realnetworks","cpe5":"realplayer","cpe6":"10.0","cpe7":"10.0.0.331","cpe8":"mac","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2013","cve_id":"7260","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"realnetworks","cpe5":"realplayer","cpe6":"10.0","cpe7":"10.0.0.352","cpe8":"mac","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2013","cve_id":"7260","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"realnetworks","cpe5":"realplayer","cpe6":"10.1","cpe7":"10.0.0.396","cpe8":"mac","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2013","cve_id":"7260","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"realnetworks","cpe5":"realplayer","cpe6":"10.1","cpe7":"10.0.0.412","cpe8":"mac","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2013","cve_id":"7260","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"realnetworks","cpe5":"realplayer","cpe6":"10.1","cpe7":"10.0.0._481","cpe8":"mac","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2013","cve_id":"7260","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"realnetworks","cpe5":"realplayer","cpe6":"10.5","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2013","cve_id":"7260","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"realnetworks","cpe5":"realplayer","cpe6":"11.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2013","cve_id":"7260","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"realnetworks","cpe5":"realplayer","cpe6":"11.0.1","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2013","cve_id":"7260","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"realnetworks","cpe5":"realplayer","cpe6":"11.0.2","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2013","cve_id":"7260","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"realnetworks","cpe5":"realplayer","cpe6":"11.0.2.1744","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2013","cve_id":"7260","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"realnetworks","cpe5":"realplayer","cpe6":"11.0.2.2315","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2013","cve_id":"7260","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"realnetworks","cpe5":"realplayer","cpe6":"11.0.3","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2013","cve_id":"7260","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"realnetworks","cpe5":"realplayer","cpe6":"11.0.4","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2013","cve_id":"7260","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"realnetworks","cpe5":"realplayer","cpe6":"11.0.5","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2013","cve_id":"7260","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"realnetworks","cpe5":"realplayer","cpe6":"11.1","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2013","cve_id":"7260","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"realnetworks","cpe5":"realplayer","cpe6":"11.1.3","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2013","cve_id":"7260","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"realnetworks","cpe5":"realplayer","cpe6":"11_build_6.0.14.748","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2013","cve_id":"7260","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"realnetworks","cpe5":"realplayer","cpe6":"12.0.0.1444","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2013","cve_id":"7260","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"realnetworks","cpe5":"realplayer","cpe6":"12.0.0.1548","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2013","cve_id":"7260","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"realnetworks","cpe5":"realplayer","cpe6":"12.0.0.1701","cpe7":"*","cpe8":"mac","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2013","cve_id":"7260","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"realnetworks","cpe5":"realplayer","cpe6":"12.0.1.1737","cpe7":"-","cpe8":"-","cpe9":"*","cpe10":"-","cpe11":"macos","cpe12":"*","cpe13":"*"},{"cve_year":"2013","cve_id":"7260","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"realnetworks","cpe5":"realplayer","cpe6":"14.0.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2013","cve_id":"7260","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"realnetworks","cpe5":"realplayer","cpe6":"14.0.1","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2013","cve_id":"7260","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"realnetworks","cpe5":"realplayer","cpe6":"14.0.1.609","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2013","cve_id":"7260","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"realnetworks","cpe5":"realplayer","cpe6":"14.0.2","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2013","cve_id":"7260","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"realnetworks","cpe5":"realplayer","cpe6":"14.0.3","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2013","cve_id":"7260","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"realnetworks","cpe5":"realplayer","cpe6":"14.0.4","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2013","cve_id":"7260","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"realnetworks","cpe5":"realplayer","cpe6":"14.0.5","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2013","cve_id":"7260","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"realnetworks","cpe5":"realplayer","cpe6":"15.0.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2013","cve_id":"7260","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"realnetworks","cpe5":"realplayer","cpe6":"15.0.4","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2013","cve_id":"7260","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"realnetworks","cpe5":"realplayer","cpe6":"15.0.4.43","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2013","cve_id":"7260","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"realnetworks","cpe5":"realplayer","cpe6":"15.0.5.109","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2013","cve_id":"7260","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"realnetworks","cpe5":"realplayer","cpe6":"15.0.6.14","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2013","cve_id":"7260","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"realnetworks","cpe5":"realplayer","cpe6":"15.02.71","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2013","cve_id":"7260","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"realnetworks","cpe5":"realplayer","cpe6":"16.0.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2013","cve_id":"7260","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"realnetworks","cpe5":"realplayer","cpe6":"16.0.0.282","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2013","cve_id":"7260","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"realnetworks","cpe5":"realplayer","cpe6":"16.0.1.18","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2013","cve_id":"7260","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"realnetworks","cpe5":"realplayer","cpe6":"16.0.2.32","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2013","cve_id":"7260","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"realnetworks","cpe5":"realplayer","cpe6":"16.0.3.51","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2013","cve_id":"7260","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"realnetworks","cpe5":"realplayer","cpe6":"2.1.2","cpe7":"*","cpe8":"enterprise","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2013","cve_id":"7260","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"realnetworks","cpe5":"realplayer","cpe6":"2.1.3","cpe7":"*","cpe8":"enterprise","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2013","cve_id":"7260","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"realnetworks","cpe5":"realplayer","cpe6":"2.1.4","cpe7":"*","cpe8":"enterprise","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2013","cve_id":"7260","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"realnetworks","cpe5":"realplayer","cpe6":"4","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2013","cve_id":"7260","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"realnetworks","cpe5":"realplayer","cpe6":"5","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2013","cve_id":"7260","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"realnetworks","cpe5":"realplayer","cpe6":"6","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2013","cve_id":"7260","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"realnetworks","cpe5":"realplayer","cpe6":"7","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2013","cve_id":"7260","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"realnetworks","cpe5":"realplayer","cpe6":"8","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2013","cve_id":"7260","vulnerable":"1","versionEndIncluding":"17.0.4.60","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"realnetworks","cpe5":"realplayer","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":{"cve_year":"2013","cve_id":"7260","cve":"CVE-2013-7260","epss":"0.793380000","percentile":"0.990850000","score_date":"2026-04-30","updated_at":"2026-05-01 00:10:53"},"legacy_qids":[]},"source_records":{"cve_program":{"containers":{"adp":[{"providerMetadata":{"dateUpdated":"2024-08-06T18:01:20.225Z","orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE"},"references":[{"name":"64695","tags":["vdb-entry","x_refsource_BID","x_transferred"],"url":"http://www.securityfocus.com/bid/64695"},{"name":"30468","tags":["exploit","x_refsource_EXPLOIT-DB","x_transferred"],"url":"http://www.exploit-db.com/exploits/30468/"},{"name":"realplayer-cve20137260-bo(90160)","tags":["vdb-entry","x_refsource_XF","x_transferred"],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/90160"},{"name":"VU#698278","tags":["third-party-advisory","x_refsource_CERT-VN","x_transferred"],"url":"http://www.kb.cert.org/vuls/id/698278"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"http://service.real.com/realplayer/security/12202013_player/en/"}],"title":"CVE Program Container"}],"cna":{"affected":[{"product":"n/a","vendor":"n/a","versions":[{"status":"affected","version":"n/a"}]}],"datePublic":"2013-12-20T00:00:00.000Z","descriptions":[{"lang":"en","value":"Multiple stack-based buffer overflows in RealNetworks RealPlayer before 17.0.4.61 on Windows, and Mac RealPlayer before 12.0.1.1738, allow remote attackers to execute arbitrary code via a long (1) version number or (2) encoding declaration in the XML declaration of an RMP file, a different issue than CVE-2013-6877."}],"problemTypes":[{"descriptions":[{"description":"n/a","lang":"en","type":"text"}]}],"providerMetadata":{"dateUpdated":"2017-08-28T12:57:01.000Z","orgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","shortName":"mitre"},"references":[{"name":"64695","tags":["vdb-entry","x_refsource_BID"],"url":"http://www.securityfocus.com/bid/64695"},{"name":"30468","tags":["exploit","x_refsource_EXPLOIT-DB"],"url":"http://www.exploit-db.com/exploits/30468/"},{"name":"realplayer-cve20137260-bo(90160)","tags":["vdb-entry","x_refsource_XF"],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/90160"},{"name":"VU#698278","tags":["third-party-advisory","x_refsource_CERT-VN"],"url":"http://www.kb.cert.org/vuls/id/698278"},{"tags":["x_refsource_CONFIRM"],"url":"http://service.real.com/realplayer/security/12202013_player/en/"}],"x_legacyV4Record":{"CVE_data_meta":{"ASSIGNER":"cve@mitre.org","ID":"CVE-2013-7260","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"n/a","version":{"version_data":[{"version_value":"n/a"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"Multiple stack-based buffer overflows in RealNetworks RealPlayer before 17.0.4.61 on Windows, and Mac RealPlayer before 12.0.1.1738, allow remote attackers to execute arbitrary code via a long (1) version number or (2) encoding declaration in the XML declaration of an RMP file, a different issue than CVE-2013-6877."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"n/a"}]}]},"references":{"reference_data":[{"name":"64695","refsource":"BID","url":"http://www.securityfocus.com/bid/64695"},{"name":"30468","refsource":"EXPLOIT-DB","url":"http://www.exploit-db.com/exploits/30468/"},{"name":"realplayer-cve20137260-bo(90160)","refsource":"XF","url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/90160"},{"name":"VU#698278","refsource":"CERT-VN","url":"http://www.kb.cert.org/vuls/id/698278"},{"name":"http://service.real.com/realplayer/security/12202013_player/en/","refsource":"CONFIRM","url":"http://service.real.com/realplayer/security/12202013_player/en/"}]}}}},"cveMetadata":{"assignerOrgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","assignerShortName":"mitre","cveId":"CVE-2013-7260","datePublished":"2014-01-03T20:00:00.000Z","dateReserved":"2014-01-03T00:00:00.000Z","dateUpdated":"2024-08-06T18:01:20.225Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"},"nvd":{"publishedDate":"2014-01-03 20:55:06","lastModifiedDate":"2026-04-29 01:13:23","problem_types":["CWE-119","n/a"],"metrics":{"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:P/A:P","baseScore":7.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"HIGH","exploitabilityScore":10,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:realnetworks:realplayer:*:*:*:*:*:*:*:*","versionEndIncluding":"17.0.4.60","matchCriteriaId":"AB32A02A-01A1-4F23-9055-F1CBAFE68D1E"},{"vulnerable":true,"criteria":"cpe:2.3:a:realnetworks:realplayer:2.1.2:*:enterprise:*:*:*:*:*","matchCriteriaId":"1E2BC096-43B6-4696-8467-CC3D0163EFF5"},{"vulnerable":true,"criteria":"cpe:2.3:a:realnetworks:realplayer:2.1.3:*:enterprise:*:*:*:*:*","matchCriteriaId":"3A29D4B9-DD00-43F6-ACEA-B830FDFC1E5C"},{"vulnerable":true,"criteria":"cpe:2.3:a:realnetworks:realplayer:2.1.4:*:enterprise:*:*:*:*:*","matchCriteriaId":"320D3DA6-DD8C-4423-84E5-55906D47BD6B"},{"vulnerable":true,"criteria":"cpe:2.3:a:realnetworks:realplayer:4:*:*:*:*:*:*:*","matchCriteriaId":"8374739F-8F46-4B07-9432-4A38BCC3E836"},{"vulnerable":true,"criteria":"cpe:2.3:a:realnetworks:realplayer:5:*:*:*:*:*:*:*","matchCriteriaId":"871CD3B2-ABAE-4B9E-89AE-FB6848D7A696"},{"vulnerable":true,"criteria":"cpe:2.3:a:realnetworks:realplayer:6:*:*:*:*:*:*:*","matchCriteriaId":"111E5B3F-513E-4BEE-8B32-7A9404F97C13"},{"vulnerable":true,"criteria":"cpe:2.3:a:realnetworks:realplayer:7:*:*:*:*:*:*:*","matchCriteriaId":"2E0301EF-960C-475F-A2A0-5410CA17CBCD"},{"vulnerable":true,"criteria":"cpe:2.3:a:realnetworks:realplayer:8:*:*:*:*:*:*:*","matchCriteriaId":"A155A338-93F2-4D58-B825-E2D3F88C3C5A"},{"vulnerable":true,"criteria":"cpe:2.3:a:realnetworks:realplayer:10.0:*:*:*:*:*:*:*","matchCriteriaId":"CD49D16C-B0AC-4228-9984-010661596232"},{"vulnerable":true,"criteria":"cpe:2.3:a:realnetworks:realplayer:10.5:*:*:*:*:*:*:*","matchCriteriaId":"348F3214-E5C2-4D39-916F-1B0263D13F40"},{"vulnerable":true,"criteria":"cpe:2.3:a:realnetworks:realplayer:11.0:*:*:*:*:*:*:*","matchCriteriaId":"A8985B3B-BCC9-431D-9788-0C1949DF46E3"},{"vulnerable":true,"criteria":"cpe:2.3:a:realnetworks:realplayer:11.0.1:*:*:*:*:*:*:*","matchCriteriaId":"9C7517C2-71A8-4223-9F9A-2FE5A2153B53"},{"vulnerable":true,"criteria":"cpe:2.3:a:realnetworks:realplayer:11.0.2:*:*:*:*:*:*:*","matchCriteriaId":"11B7CB5F-ACFA-439B-A9B7-54DA402A6029"},{"vulnerable":true,"criteria":"cpe:2.3:a:realnetworks:realplayer:11.0.2.1744:*:*:*:*:*:*:*","matchCriteriaId":"381DD10A-3459-40BD-88DB-2CC0BCA63F4C"},{"vulnerable":true,"criteria":"cpe:2.3:a:realnetworks:realplayer:11.0.2.2315:*:*:*:*:*:*:*","matchCriteriaId":"D8FC5594-3C28-417F-B621-C29E3E2D60D7"},{"vulnerable":true,"criteria":"cpe:2.3:a:realnetworks:realplayer:11.0.3:*:*:*:*:*:*:*","matchCriteriaId":"B2A681B8-62F1-4B23-9E0B-39C61BE72F44"},{"vulnerable":true,"criteria":"cpe:2.3:a:realnetworks:realplayer:11.0.4:*:*:*:*:*:*:*","matchCriteriaId":"F826B276-91E6-495E-B429-51B1C5ECB146"},{"vulnerable":true,"criteria":"cpe:2.3:a:realnetworks:realplayer:11.0.5:*:*:*:*:*:*:*","matchCriteriaId":"0A732E6C-108F-447F-98B1-EA774A0537EB"},{"vulnerable":true,"criteria":"cpe:2.3:a:realnetworks:realplayer:11.1:*:*:*:*:*:*:*","matchCriteriaId":"D03738C3-D659-488D-B285-64A496C0F1FB"},{"vulnerable":true,"criteria":"cpe:2.3:a:realnetworks:realplayer:11.1.3:*:*:*:*:*:*:*","matchCriteriaId":"EEF2C4FD-DAB6-4D38-9B30-C51CC17444D0"},{"vulnerable":true,"criteria":"cpe:2.3:a:realnetworks:realplayer:11_build_6.0.14.748:*:*:*:*:*:*:*","matchCriteriaId":"D4A1E94D-E25C-4888-9FDE-207FEC5FD370"},{"vulnerable":true,"criteria":"cpe:2.3:a:realnetworks:realplayer:12.0.0.1444:*:*:*:*:*:*:*","matchCriteriaId":"1E454E6F-6229-4538-8B64-B16FA1F97F12"},{"vulnerable":true,"criteria":"cpe:2.3:a:realnetworks:realplayer:12.0.0.1548:*:*:*:*:*:*:*","matchCriteriaId":"A0A25BC2-1677-43A4-92CA-A971109DE08F"},{"vulnerable":true,"criteria":"cpe:2.3:a:realnetworks:realplayer:14.0.0:*:*:*:*:*:*:*","matchCriteriaId":"E70D263C-820C-4399-9215-D69082024287"},{"vulnerable":true,"criteria":"cpe:2.3:a:realnetworks:realplayer:14.0.1:*:*:*:*:*:*:*","matchCriteriaId":"6F6486B4-AEDB-428C-9F10-A494681577D4"},{"vulnerable":true,"criteria":"cpe:2.3:a:realnetworks:realplayer:14.0.1.609:*:*:*:*:*:*:*","matchCriteriaId":"F7AA21F1-EB31-4D62-B43C-FE8887AA6D48"},{"vulnerable":true,"criteria":"cpe:2.3:a:realnetworks:realplayer:14.0.2:*:*:*:*:*:*:*","matchCriteriaId":"D825DDF3-5D19-403E-8990-58521314E99B"},{"vulnerable":true,"criteria":"cpe:2.3:a:realnetworks:realplayer:14.0.3:*:*:*:*:*:*:*","matchCriteriaId":"27B4A01C-B07A-4879-926B-8C5F272F5662"},{"vulnerable":true,"criteria":"cpe:2.3:a:realnetworks:realplayer:14.0.4:*:*:*:*:*:*:*","matchCriteriaId":"F9EA3EBA-DDB3-4C2E-BC78-9225E4D65C6E"},{"vulnerable":true,"criteria":"cpe:2.3:a:realnetworks:realplayer:14.0.5:*:*:*:*:*:*:*","matchCriteriaId":"9FEB9795-829C-4F2A-A796-EF0025E993F4"},{"vulnerable":true,"criteria":"cpe:2.3:a:realnetworks:realplayer:15.0.0:*:*:*:*:*:*:*","matchCriteriaId":"E075E2D6-FE35-4310-8456-4DFAEF55F071"},{"vulnerable":true,"criteria":"cpe:2.3:a:realnetworks:realplayer:15.0.4:*:*:*:*:*:*:*","matchCriteriaId":"EF1FADAC-B763-410E-B8B3-FEC5BCB78912"},{"vulnerable":true,"criteria":"cpe:2.3:a:realnetworks:realplayer:15.0.4.43:*:*:*:*:*:*:*","matchCriteriaId":"909306C9-D58F-40CF-9729-3B2ECC672203"},{"vulnerable":true,"criteria":"cpe:2.3:a:realnetworks:realplayer:15.0.5.109:*:*:*:*:*:*:*","matchCriteriaId":"5B9B74FB-2236-402E-9999-C12F110C7621"},{"vulnerable":true,"criteria":"cpe:2.3:a:realnetworks:realplayer:15.0.6.14:*:*:*:*:*:*:*","matchCriteriaId":"20EC7F73-8C89-458C-954A-2A4F421DD1D6"},{"vulnerable":true,"criteria":"cpe:2.3:a:realnetworks:realplayer:15.02.71:*:*:*:*:*:*:*","matchCriteriaId":"671ACD3D-6B00-4BE1-80B1-BAAAEBFD22A3"},{"vulnerable":true,"criteria":"cpe:2.3:a:realnetworks:realplayer:16.0.0:*:*:*:*:*:*:*","matchCriteriaId":"A7AA87DB-F397-41B9-AEDA-268E0C427D40"},{"vulnerable":true,"criteria":"cpe:2.3:a:realnetworks:realplayer:16.0.0.282:*:*:*:*:*:*:*","matchCriteriaId":"18B552F0-6997-48FF-BDCA-713F179D2CF3"},{"vulnerable":true,"criteria":"cpe:2.3:a:realnetworks:realplayer:16.0.1.18:*:*:*:*:*:*:*","matchCriteriaId":"A41C801F-BC97-49C8-8AD9-85836BB3FC92"},{"vulnerable":true,"criteria":"cpe:2.3:a:realnetworks:realplayer:16.0.2.32:*:*:*:*:*:*:*","matchCriteriaId":"7A5620A0-8DAF-4FE6-8955-FA4B96ACF955"},{"vulnerable":true,"criteria":"cpe:2.3:a:realnetworks:realplayer:16.0.3.51:*:*:*:*:*:*:*","matchCriteriaId":"2652FC78-519C-4340-9DA9-74B83B4D20BB"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:realnetworks:realplayer:10.0:10.0.0.305:mac:*:*:*:*:*","matchCriteriaId":"995983E3-6968-4071-A3E7-BC84800894C9"},{"vulnerable":true,"criteria":"cpe:2.3:a:realnetworks:realplayer:10.0:10.0.0.331:mac:*:*:*:*:*","matchCriteriaId":"1D5A55EF-BFC7-4703-B115-910DC8338733"},{"vulnerable":true,"criteria":"cpe:2.3:a:realnetworks:realplayer:10.0:10.0.0.352:mac:*:*:*:*:*","matchCriteriaId":"A4FE917E-31A3-4065-B723-FACECEB1BEB8"},{"vulnerable":true,"criteria":"cpe:2.3:a:realnetworks:realplayer:10.1:10.0.0._481:mac:*:*:*:*:*","matchCriteriaId":"1311A415-4CBB-44BA-A014-FCC2BBFF6D28"},{"vulnerable":true,"criteria":"cpe:2.3:a:realnetworks:realplayer:10.1:10.0.0.396:mac:*:*:*:*:*","matchCriteriaId":"84E4F874-E9A5-40F1-82CF-5C2E4749DF6C"},{"vulnerable":true,"criteria":"cpe:2.3:a:realnetworks:realplayer:10.1:10.0.0.412:mac:*:*:*:*:*","matchCriteriaId":"EBC0DDE6-356C-4EE7-83E1-7EF5A0C5A751"},{"vulnerable":true,"criteria":"cpe:2.3:a:realnetworks:realplayer:12.0.0.1701:*:mac:*:*:*:*:*","matchCriteriaId":"299B9493-5498-4480-AD8C-EA7F0311CAD8"},{"vulnerable":true,"criteria":"cpe:2.3:a:realnetworks:realplayer:12.0.1.1737:-:-:*:-:macos:*:*","matchCriteriaId":"D73719D9-216A-48B5-B959-0C7331EDB4EE"}]}]}]},"legacy_mitre":{"record":{"CveYear":"2013","CveId":"7260","Ordinal":"1","Title":"CVE-2013-7260","CVE":"CVE-2013-7260","Year":"2013"},"notes":[{"CveYear":"2013","CveId":"7260","Ordinal":"1","NoteData":"Multiple stack-based buffer overflows in RealNetworks RealPlayer before 17.0.4.61 on Windows, and Mac RealPlayer before 12.0.1.1738, allow remote attackers to execute arbitrary code via a long (1) version number or (2) encoding declaration in the XML declaration of an RMP file, a different issue than CVE-2013-6877.","Type":"Description","Title":"CVE-2013-7260"},{"CveYear":"2013","CveId":"7260","Ordinal":"2","NoteData":"2014-01-03","Type":"Other","Title":"Published"},{"CveYear":"2013","CveId":"7260","Ordinal":"3","NoteData":"2017-08-28","Type":"Other","Title":"Modified"}]}}}