CVE-2011-10016 CRITICAL

CVE-2011-10016: Real Networks Netzip Classic 7.5.1.86 File Parsing Buffer Overflow

Vendor Realnetworks Inc.
Product Netzip Classic
Weakness CWE-121
Published August 13, 2025
Last update April 7, 2026

CVSS base score

9.3/10
Attack vector Local
Attack complexity Low
Privileges required None
User interaction
Confidentiality
Integrity

CVSS vector

CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H

What the vulnerability does

01Description

Real Networks Netzip Classic version 7.5.1.86 is vulnerable to a stack-based buffer overflow when parsing a specially crafted ZIP archive. The vulnerability is triggered when the application attempts to process a file name within the archive that exceeds the expected buffer size. Exploitation allows arbitrary code execution under the context of the victim user when the ZIP file is opened.

Key dates

02Disclosure timeline

August 13, 2025 CVE published
April 7, 2026 Record updated