Realnetworks : Security Vulnerabilities, CVEs, Published In January 2015 (Denial of service)
The RACInstaller.StateCtrl.1 ActiveX control in InstallerDlg.dll in RealNetworks GameHouse RealArcade Installer 2.6.0.481 performs unexpected type conversions for invalid parameter types, which allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free) via crafted arguments to the (1) AddTag, (2) Ping, (3) QueuePause, (4) QueueRemove, (5) QueueTop, (6) RemoveTag, (7) TagRemoved, or (8) message method.
Max CVSS
10.0
EPSS Score
4.34%
Published
2015-01-12
Updated
2015-01-13
1 vulnerabilities found