CVE-2011-10016

N/A Unknown
Published: August 13, 2025 Modified: April 15, 2026
View on NVD

Description

Real Networks Netzip Classic version 7.5.1.86 is vulnerable to a stack-based buffer overflow when parsing a specially crafted ZIP archive. The vulnerability is triggered when the application attempts to process a file name within the archive that exceeds the expected buffer size. Exploitation allows arbitrary code execution under the context of the victim user when the ZIP file is opened.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

Login to generate AI explanation

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory
https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/windows/fileformat/real_networks_netzip_bof.rb
Source: disclosure@vulncheck.com
https://www.exploit-db.com/exploits/16083
Source: disclosure@vulncheck.com
https://www.exploit-db.com/exploits/17985
Source: disclosure@vulncheck.com
https://www.softpedia.com/get/Compression-tools/NetZip-Classic.shtml
Source: disclosure@vulncheck.com
https://www.vulncheck.com/advisories/real-networks-netzip-classic-file-parsing-buffer-overflow
Source: disclosure@vulncheck.com

5 reference(s) from NVD

Quick Stats

CVSS v3 Score
N/A / 10.0
EPSS (Exploit Probability)
9.7%
93th percentile
Exploitation Status
Not in CISA KEV

Weaknesses (CWE)

CWE-121

Related CVEs

CVE-2026-7696 6.3
CVE-2026-7695 7.3
CVE-2026-7694 7.3
CVE-2026-7692 6.3
CVE-2026-7691 6.3