CVE-2012-2406
RealNetworks RealPlayer before 15.0.4.53, and RealPlayer SP 1.0 through 1.1.5, does not properly parse ASMRuleBook data in RealMedia files, which allows remote attackers to execute arbitrary code via a crafted file.
Date published : 2012-05-18
http://service.real.com/realplayer/security/05152012_player/en/