CVE-2002-1321

Name: CVE-2002-1321
Creator: NVD / NIST
Published: 2002-12-11T05:00:00+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

UnknownEPSS 3.25%

Last modified Jun 16, 2026

CVE-2002-1321 is a vulnerability of currently unknown severity. Multiple buffer overflows in RealOne and RealPlayer allow remote attackers to execute arbitrary code via (1) a Synchronized Multimedia Integration Language (SMIL) file with a long parameter, (2) a long long filename in a rtsp:// request, e.g. from a .m3u file, or (3) certain "Now Playing" options on a downloaded file with a long filename.. EPSS estimates a 3.25% chance of exploitation in the next 30 days.

Description

Multiple buffer overflows in RealOne and RealPlayer allow remote attackers to execute arbitrary code via (1) a Synchronized Multimedia Integration Language (SMIL) file with a long parameter, (2) a long long filename in a rtsp:// request, e.g. from a .m3u file, or (3) certain "Now Playing" options on a downloaded file with a long filename.

Metrics

EPSS Probability

3.25%

86.8th percentile

Probability of exploitation in the next 30 days. Learn more

Affected Software

Vendor	Product	Versions	Update
Realnetworks	Realone Player	2.0	—
Realnetworks	Realplayer	All versions	G2
Realnetworks	Realplayer	6.0	—
Realnetworks	Realplayer	7.0	—
Realnetworks	Realplayer	8.0	—

References

Timeline

Published: Dec 11, 2002
Last Modified: Jun 16, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2002-1321?

How severe is CVE-2002-1321?

Severity scoring for CVE-2002-1321 is pending analysis. The EPSS model estimates a 3.25% probability of exploitation in the next 30 days.

How do I fix CVE-2002-1321?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2002-1321?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST