CVE-2011-10028
RealNetworks Arcade Games StubbyUtil.ProcessMgr ActiveX Arbitrary Code Execution
CVSS Score
0.0
EPSS Score
0.0%
EPSS Percentile
0th
The RealNetworks RealArcade platform includes an ActiveX control (InstallerDlg.dll, version 2.6.0.445) that exposes a method named Exec via the StubbyUtil.ProcessMgr COM object. This method allows remote attackers to execute arbitrary commands on a victim's Windows machine without proper validation or restrictions. This platform was sometimes referred to or otherwise known as RealArcade or Arcade Games and has since consolidated with RealNetworks' platform, GameHouse.
| CWE | CWE-623 |
| Vendor | realnetworks |
| Product | realarcade activex |
| Published | Aug 20, 2025 |
| Last Updated | Apr 7, 2026 |
Stay Ahead of the Next One
Get instant alerts for realnetworks realarcade activex
Be the first to know when new unknown vulnerabilities affecting realnetworks realarcade activex are published โ delivered to Slack, Telegram or Discord.
Get Free Alerts โ
Free ยท No credit card ยท 60 sec setup
Affected Versions
RealNetworks / RealArcade ActiveX
* โค 2.6.0.445
References
exploit-db.com: https://www.exploit-db.com/exploits/17105 exploit-db.com: https://www.exploit-db.com/exploits/17149 raw.githubusercontent.com: https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/windows/browser/real_arcade_installerdlg.rb advisories.checkpoint.com: https://advisories.checkpoint.com/defense/advisories/public/2011/cpai-2011-347.html gamehouse.com: https://www.gamehouse.com/ archive.org: https://archive.org/details/com.real.arcade vulncheck.com: https://www.vulncheck.com/advisories/real-networks-arcade-games-activex-arbitrary-code-execution
Credits
rgod