Filtered by vendor Realnetworks
Subscribe
Total
217 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2010-3751 | 1 Realnetworks | 2 Realplayer, Realplayer Sp | 2010-10-18 | 9.3 HIGH | N/A |
| Multiple heap-based buffer overflows in an ActiveX control in RealNetworks RealPlayer 11.0 through 11.1 and RealPlayer SP 1.0 through 1.1.4 allow remote attackers to execute arbitrary code via a long .smil argument to the (1) tfile, (2) pnmm, or (3) cdda protocol handler. | |||||
| CVE-2010-2998 | 1 Realnetworks | 2 Realplayer, Realplayer Sp | 2010-10-18 | 9.3 HIGH | N/A |
| Array index error in RealNetworks RealPlayer 11.0 through 11.1 and RealPlayer SP 1.0 through 1.0.1 allows remote attackers to execute arbitrary code via malformed sample data in a RealMedia .IVR file, related to a "malformed IVR pointer index" issue. | |||||
| CVE-2010-2578 | 1 Realnetworks | 2 Realplayer, Realplayer Sp | 2010-10-18 | 9.3 HIGH | N/A |
| Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.4, and RealPlayer Enterprise 2.1.2 allows remote attackers to have an unspecified impact via a crafted QCP file. | |||||
| CVE-2010-1317 | 1 Realnetworks | 3 Helix Dna Server, Helix Server, Helix Server Mobile | 2010-04-20 | 7.5 HIGH | N/A |
| Heap-based buffer overflow in the NTLM authentication functionality in RealNetworks Helix Server and Helix Mobile Server 11.x, 12.x, and 13.x allows remote attackers to have an unspecified impact via invalid base64-encoded data. | |||||
| CVE-2000-0185 | 1 Realnetworks | 2 Realserver, Realserver G2 | 2008-09-10 | 5.0 MEDIUM | N/A |
| RealMedia RealServer reveals the real IP address of a Real Server, even if the address is supposed to be private. | |||||
| CVE-2000-0001 | 1 Realnetworks | 1 Realserver | 2008-09-09 | 5.0 MEDIUM | N/A |
| RealMedia server allows remote attackers to cause a denial of service via a long ramgen request. | |||||
| CVE-1999-0896 | 1 Realnetworks | 1 Realserver G2 | 2008-09-09 | 10.0 HIGH | N/A |
| Buffer overflow in RealNetworks RealServer administration utility allows remote attackers to execute arbitrary commands via a long username and password. | |||||
| CVE-2005-4130 | 1 Realnetworks | 1 Realplayer | 2008-09-05 | 7.5 HIGH | N/A |
| ** UNVERIFIABLE, PRERELEASE ** NOTE: this issue describes a problem that can not be independently verified as of 20051208. Unspecified vulnerability in unspecified versions of Real Networks RealPlayer allows remote attackers to execute arbitrary code. NOTE: it is not known whether this issue should be MERGED with CVE-2005-4126. The information regarding this issue is extremely vague and does not provide any verifiable information. It has been posted by a reliable reporter with a prerelease disclosure policy. This item has only been assigned a CVE identifier for tracking purposes, and to serve as a concrete example for discussion of the newly emerging UNVERIFIABLE and PRERELEASE content decisions in CVE, which must be discussed by the Editorial Board. Without additional details or independent verification by reliable sources, it is possible that this item might be RECAST or REJECTED. | |||||
| CVE-2005-4126 | 1 Realnetworks | 1 Realplayer | 2008-09-05 | 7.5 HIGH | N/A |
| ** UNVERIFIABLE, PRERELEASE ** NOTE: this issue describes a problem that can not be independently verified as of 20051208. Unspecified vulnerability in unspecified versions of Real Networks RealPlayer allows attackers to execute arbitrary code. NOTE: the information regarding this issue is extremely vague and does not provide any verifiable information. It has been posted by a reliable reporter with a prerelease disclosure policy. This item has only been assigned a CVE identifier for tracking purposes, and to serve as a concrete example for discussion of the newly emerging UNVERIFIABLE and PRERELEASE content decisions in CVE, which must be discussed by the Editorial Board. Without additional details or independent verification by reliable sources, it is possible that this item might be RECAST or REJECTED. | |||||
| CVE-2005-2054 | 1 Realnetworks | 2 Realone Player, Realplayer | 2008-09-05 | 5.1 MEDIUM | N/A |
| Unknown vulnerability in RealPlayer 10 and 10.5 (6.0.12.1040-1069) and RealOne Player v1 and v2 allows remote attackers to overwrite arbitrary files or execute arbitrary ActiveX controls via a crafted MP3 file. | |||||
| CVE-2005-2055 | 1 Realnetworks | 2 Realone Player, Realplayer | 2008-09-05 | 5.0 MEDIUM | N/A |
| RealPlayer 8, 10, 10.5 (6.0.12.1040-1069), and Enterprise and RealOne Player v1 and v2 allows remote malicious web server to create an arbitrary HTML file that executes an RM file via "default settings of earlier Internet Explorer browsers". | |||||
| CVE-2004-0049 | 1 Realnetworks | 2 Helix Universal Mobile Server, Helix Universal Server | 2008-09-05 | 6.8 MEDIUM | N/A |
| Helix Universal Server/Proxy 9 and Mobile Server 10 allow remote attackers to cause a denial of service via certain HTTP POST messages to the Administration System port. | |||||
| CVE-2003-0725 | 1 Realnetworks | 2 Helix Universal Server, Realserver | 2008-09-05 | 7.5 HIGH | N/A |
| Buffer overflow in the RTSP protocol parser for the View Source plug-in (vsrcplin.so or vsrcplin3260.dll) for RealNetworks Helix Universal Server 9 and RealSystem Server 8, 7 and RealServer G2 allows remote attackers to execute arbitrary code. | |||||
| CVE-2002-1014 | 1 Realnetworks | 3 Realjukebox 2, Realjukebox 2 Plus, Realone Player | 2008-09-05 | 7.5 HIGH | N/A |
| Buffer overflow in RealJukebox 2 1.0.2.340 and 1.0.2.379, and RealOne Player Gold 6.0.10.505, allows remote attackers to execute arbitrary code via an RFS skin file whose skin.ini contains a long value in a CONTROLnImage argument, such as CONTROL1Image. | |||||
| CVE-2002-1015 | 1 Realnetworks | 3 Realjukebox 2, Realjukebox 2 Plus, Realone Player | 2008-09-05 | 7.5 HIGH | N/A |
| RealJukebox 2 1.0.2.340 and 1.0.2.379, and RealOne Player Gold 6.0.10.505, allows remote attackers to execute arbitrary script in the Local computer zone by inserting the script into the skin.ini file of an RJS archive, then referencing skin.ini from a web page after it has been extracted, which is parsed as HTML by Internet Explorer or other Microsoft-based web readers. | |||||
| CVE-2002-0415 | 1 Realnetworks | 1 Realplayer | 2008-09-05 | 1.7 LOW | N/A |
| Directory traversal vulnerability in the web server used in RealPlayer 6.0.7, and possibly other versions, may allow local users to read files that are accessible to RealPlayer via a .. (dot dot) in an HTTP GET request to port 1275. | |||||
| CVE-2000-0280 | 1 Realnetworks | 1 Realplayer | 2008-09-05 | 2.6 LOW | N/A |
| Buffer overflow in the RealNetworks RealPlayer client versions 6 and 7 allows remote attackers to cause a denial of service via a long Location URL. | |||||