Total
171 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2012-2408 | 1 Realnetworks | 2 Realplayer, Realplayer Sp | 2017-08-28 | 6.8 MEDIUM | N/A |
The AAC SDK in RealNetworks RealPlayer before 15.0.6.14, RealPlayer SP 1.0 through 1.1.5, and Mac RealPlayer before 12.0.1.1750 allows remote attackers to cause a denial of service (heap memory corruption) or possibly have unspecified other impact via a crafted AAC file that is not properly handled during decoding. | |||||
CVE-2012-2409 | 1 Realnetworks | 2 Realplayer, Realplayer Sp | 2017-08-28 | 7.5 HIGH | N/A |
Buffer overflow in RealNetworks RealPlayer before 15.0.6.14, RealPlayer SP 1.0 through 1.1.5, and Mac RealPlayer before 12.0.1.1750 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted RealMedia file, a different vulnerability than CVE-2012-2410. | |||||
CVE-2012-2410 | 1 Realnetworks | 2 Realplayer, Realplayer Sp | 2017-08-28 | 6.8 MEDIUM | N/A |
Buffer overflow in RealNetworks RealPlayer before 15.0.6.14, RealPlayer SP 1.0 through 1.1.5, and Mac RealPlayer before 12.0.1.1750 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted RealMedia file, a different vulnerability than CVE-2012-2409. | |||||
CVE-2012-0925 | 1 Realnetworks | 2 Realplayer, Realplayer Sp | 2017-08-28 | 9.3 HIGH | N/A |
Unspecified vulnerability in the RV40 codec in RealNetworks RealPlayer 11.x, 14.x, and 15.x before 15.02.71, and RealPlayer SP 1.0 through 1.1.5, allows remote attackers to execute arbitrary code via a crafted RV40 RealVideo video stream. | |||||
CVE-2012-2411 | 1 Realnetworks | 2 Realplayer, Realplayer Sp | 2017-08-28 | 9.3 HIGH | N/A |
Buffer overflow in RealNetworks RealPlayer before 15.0.4.53, and RealPlayer SP 1.0 through 1.1.5, allows remote attackers to execute arbitrary code via a crafted RealJukebox Media file. | |||||
CVE-2012-2406 | 1 Realnetworks | 2 Realplayer, Realplayer Sp | 2017-08-28 | 9.3 HIGH | N/A |
RealNetworks RealPlayer before 15.0.4.53, and RealPlayer SP 1.0 through 1.1.5, does not properly parse ASMRuleBook data in RealMedia files, which allows remote attackers to execute arbitrary code via a crafted file. | |||||
CVE-2012-0922 | 1 Realnetworks | 2 Realplayer, Realplayer Sp | 2017-08-28 | 9.3 HIGH | N/A |
rvrender.dll in RealNetworks RealPlayer 11.x, 14.x, and 15.x before 15.02.71, and RealPlayer SP 1.0 through 1.1.5, allows remote attackers to execute arbitrary code via crafted flags in an RMFF file. | |||||
CVE-2010-4393 | 1 Realnetworks | 2 Realplayer, Realplayer Sp | 2017-08-16 | 9.3 HIGH | N/A |
Heap-based buffer overflow in vidplin.dll in RealNetworks RealPlayer 11.0 through 11.1 and 14.0.x before 14.0.2, and RealPlayer SP 1.0 through 1.1.5, allows remote attackers to execute arbitrary code via a crafted header in an AVI file. | |||||
CVE-2009-4243 | 3 Apple, Microsoft, Realnetworks | 6 Mac Os X, Windows, Helix Player and 3 more | 2017-08-16 | 9.3 HIGH | N/A |
RealNetworks RealPlayer 10, RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741, RealPlayer 11 11.0.0 through 11.0.4, RealPlayer Enterprise, Mac RealPlayer 10 and 10.1, Linux RealPlayer 10, and Helix Player 10.x allow remote attackers to have an unspecified impact via a crafted media file that uses HTTP chunked transfer coding, related to an "overflow." | |||||
CVE-2007-5601 | 1 Realnetworks | 1 Realplayer | 2017-07-28 | 9.3 HIGH | N/A |
Stack-based buffer overflow in the Database Component in MPAMedia.dll in RealNetworks RealPlayer 10.5 and 11 beta, and earlier versions including 10, RealOne Player, and RealOne Player 2, allows remote attackers to execute arbitrary code via certain playlist names, as demonstrated via the import method to the IERPCtl ActiveX control in ierpplug.dll. | |||||
CVE-2007-5080 | 1 Realnetworks | 3 Realone Player, Realplayer, Realplayer Enterprise | 2017-07-28 | 9.3 HIGH | N/A |
Integer overflow in RealNetworks RealPlayer 10 and 10.5, RealOne Player 1, and RealPlayer Enterprise for Windows allows remote attackers to execute arbitrary code via a crafted Lyrics3 2.00 tag in an MP3 file, resulting in a heap-based buffer overflow. | |||||
CVE-2006-1370 | 1 Realnetworks | 2 Realone Player, Realplayer | 2017-07-19 | 9.3 HIGH | N/A |
Buffer overflow in RealNetworks RealPlayer 10.5 6.0.12.1040 through 6.0.12.1348, RealPlayer 10, RealOne Player v2, RealOne Player v1, RealPlayer 8, and RealPlayer Enterprise before 20060322 allows remote attackers to have an unknown impact via a malicious Mimio boardCast (mbc) file. | |||||
CVE-2004-1798 | 1 Realnetworks | 3 Realone Enterprise Desktop, Realone Player, Realplayer | 2017-07-11 | 5.1 MEDIUM | N/A |
RealOne player 6.0.11.868 allows remote attackers to execute arbitrary script in the "My Computer" zone via a Synchronized Multimedia Integration Language (SMIL) presentation with a "file:javascript:" URL, which is executed in the security context of the previously loaded URL, a different vulnerability than CVE-2003-0726. | |||||
CVE-2005-2630 | 1 Realnetworks | 2 Realone Player, Realplayer | 2017-07-10 | 5.1 MEDIUM | N/A |
Heap-based buffer overflow in DUNZIP32.DLL for RealPlayer 8, 10, and 10.5 and RealOne Player 1 and 2 allows remote attackers to execute arbitrary code via a crafted RealPlayer Skin (RJS) file, a different vulnerability than CVE-2004-1094. | |||||
CVE-2004-0550 | 1 Realnetworks | 1 Realplayer | 2017-07-10 | 7.5 HIGH | N/A |
Buffer overflow in Real Networks RealPlayer 10 allows remote attackers to execute arbitrary code via a URL with a large number of "." (period) characters. | |||||
CVE-2004-0387 | 1 Realnetworks | 2 Realone Player, Realplayer | 2017-07-10 | 5.1 MEDIUM | N/A |
Stack-based buffer overflow in the RT3 plugin, as used in RealPlayer 8, RealOne Player, RealOne Player 10 beta, and RealOne Player Enterprise, allows remote attackers to execute arbitrary code via a malformed .R3T file. | |||||
CVE-2004-0258 | 1 Realnetworks | 4 Realone Desktop Manager, Realone Enterprise Desktop, Realone Player and 1 more | 2017-07-10 | 7.6 HIGH | N/A |
Multiple buffer overflows in RealOne Player, RealOne Player 2.0, RealOne Enterprise Desktop, and RealPlayer Enterprise allow remote attackers to execute arbitrary code via malformed (1) .RP, (2) .RT, (3) .RAM, (4) .RPM or (5) .SMIL files. | |||||
CVE-2002-1321 | 1 Realnetworks | 2 Realone Player, Realplayer | 2017-07-10 | 7.5 HIGH | N/A |
Multiple buffer overflows in RealOne and RealPlayer allow remote attackers to execute arbitrary code via (1) a Synchronized Multimedia Integration Language (SMIL) file with a long parameter, (2) a long long filename in a rtsp:// request, e.g. from a .m3u file, or (3) certain "Now Playing" options on a downloaded file with a long filename. | |||||
CVE-2017-9302 | 1 Realnetworks | 1 Realplayer | 2017-06-08 | 4.3 MEDIUM | 5.5 MEDIUM |
RealPlayer 16.0.2.32 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted mp4 file. | |||||
CVE-2014-3113 | 1 Realnetworks | 1 Realplayer | 2017-01-06 | 9.3 HIGH | N/A |
Multiple buffer overflows in RealNetworks RealPlayer before 17.0.10.8 allow remote attackers to execute arbitrary code via a malformed (1) elst or (2) stsz atom in an MP4 file. |