RealNetworks, Inc. Releases Update to Address Security Vulnerabilities.

Updated December 20, 2013


RealNetworks is making available product upgrades that contain security bug fixes.  We have received no reports
of any machines actually being compromised as a result of the now-remedied vulnerabilities.  RealNetworks always
recommends upgrading your product to the most current version available to avoid security vulnerabilities. 

Current Software

The current versions of our Player software are not affected by these vulnerabilities.


Operating System



Windows XP through Windows 8

All Released

Mac RealPlayer

Mac OS X 10.3 - 10.8.2

All Released

Affected Software

The table below contains a summary of which previous and current versions of the RealPlayer software are susceptible
to these vulnerabilities. The columns and cells in green are the versions of each product where the issue has been resolved. 

CVE Number



All Previous Versions


All Previous Versions











CVE Descriptions 

CVE-2013-6877 and CVE-2013-7260 - RealPlayer - Stack buffer or heap overflow in RealPlayer when handling modified RMP files.
Affected software: Windows RealPlayer and prior.
Credit to Ricardo Narvaja from Core Security Exploit Writers Team and Gabor Seljan with CERT(R) Coordination Center for reporting these issues.


RealNetworks Inc. endeavors to provide you with the highest quality products and services, but cannot guarantee, and
does not warrant, that the operation of any RealNetworks product will be error-free, uninterrupted or secure. Please
see your original license agreement for details of our limited warranty or warranty disclaimer.