Total
171 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2013-6877 | 1 Realnetworks | 1 Realplayer | 2016-12-30 | 9.3 HIGH | N/A |
Heap-based buffer overflow in RealNetworks RealPlayer before 17.0.4.61 on Windows, and Mac RealPlayer before 12.0.1.1738, allows remote attackers to execute arbitrary code via a long string in the TRACKID element of an RMP file, a different vulnerability than CVE-2013-7260. | |||||
CVE-2016-9018 | 1 Realnetworks | 1 Realplayer | 2016-11-29 | 4.3 MEDIUM | 5.5 MEDIUM |
Improper handling of a repeating VRAT chunk in qcpfformat.dll allows attackers to cause a Null pointer dereference and crash in RealNetworks RealPlayer 18.1.5.705 through a crafted .QCP media file. | |||||
CVE-2005-3677 | 1 Realnetworks | 1 Realplayer | 2016-10-17 | 7.5 HIGH | N/A |
Buffer overflow in RealNetworks RealPlayer 10 and 10.5 allows remote attackers to execute arbitrary code via a crafted image in a RealPlayer Skin (RJS) file. NOTE: due to the lack of details, it is unclear how this is different than CVE-2005-2629 and CVE-2005-2630, but the vendor advisory implies that it is different. | |||||
CVE-2005-2052 | 1 Realnetworks | 2 Realone Player, Realplayer | 2016-10-17 | 5.1 MEDIUM | N/A |
Heap-based buffer overflow in vidplin.dll in RealPlayer 10 and 10.5 (6.0.12.1040 through 1069), RealOne Player v1 and v2, RealPlayer 8 and RealPlayer Enterprise allows remote attackers to execute arbitrary code via an .avi file with a modified strf structure value. | |||||
CVE-2003-0141 | 1 Realnetworks | 3 Realone Enterprise Desktop, Realone Player, Realplayer | 2016-10-17 | 5.1 MEDIUM | N/A |
The PNG deflate algorithm in RealOne Player 6.0.11.x and earlier, RealPlayer 8/RealPlayer Plus 8 6.0.9.584, and other versions allows remote attackers to corrupt the heap and overwrite arbitrary memory via a PNG graphic file format containing compressed data using fixed trees that contain the length values 286-287, which are treated as a very large length. | |||||
CVE-2002-0337 | 1 Realnetworks | 1 Realplayer | 2016-10-17 | 5.4 MEDIUM | N/A |
RealPlayer 8 allows remote attackers to cause a denial of service (CPU utilization) via malformed .mp3 files. | |||||
CVE-2014-3444 | 1 Realnetworks | 1 Realplayer | 2014-05-20 | 9.3 HIGH | N/A |
The GetGUID function in codecs/dmp4.dll in RealNetworks RealPlayer 16.0.3.51 and earlier allows remote attackers to execute arbitrary code or cause a denial of service (write access violation and application crash) via a malformed .3gp file. | |||||
CVE-2013-4974 | 1 Realnetworks | 2 Realplayer, Realplayer Sp | 2013-09-11 | 9.3 HIGH | N/A |
RealNetworks RealPlayer before 16.0.3.51, and RealPlayer SP 1.0 through 1.1.5, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a malformed RealMedia file. | |||||
CVE-2013-4973 | 1 Realnetworks | 2 Realplayer, Realplayer Sp | 2013-09-11 | 9.3 HIGH | N/A |
Stack-based buffer overflow in RealNetworks RealPlayer before 16.0.3.51, and RealPlayer SP 1.0 through 1.1.5, allows remote attackers to execute arbitrary code via a crafted .rmp file. | |||||
CVE-2013-3299 | 1 Realnetworks | 1 Realplayer | 2013-07-07 | 4.3 MEDIUM | N/A |
RealNetworks RealPlayer 16.0.2.32 and earlier allows remote attackers to cause a denial of service (resource consumption or application crash) via an HTML document containing JavaScript code that constructs a long string. | |||||
CVE-2013-1750 | 1 Realnetworks | 2 Realplayer, Realplayer Sp | 2013-03-20 | 9.3 HIGH | N/A |
Heap-based buffer overflow in RealNetworks RealPlayer before 16.0.1.18 and RealPlayer SP 1.0 through 1.1.5 allows remote attackers to execute arbitrary code via a malformed MP4 file. | |||||
CVE-2012-5690 | 1 Realnetworks | 2 Realplayer, Realplayer Sp | 2012-12-19 | 9.3 HIGH | N/A |
RealNetworks RealPlayer before 16.0.0.282 and RealPlayer SP 1.0 through 1.1.5 allow remote attackers to execute arbitrary code via a RealAudio file that triggers access to an invalid pointer. | |||||
CVE-2012-5691 | 1 Realnetworks | 2 Realplayer, Realplayer Sp | 2012-12-19 | 9.3 HIGH | N/A |
Buffer overflow in RealNetworks RealPlayer before 16.0.0.282 and RealPlayer SP 1.0 through 1.1.5 allows remote attackers to execute arbitrary code via a crafted RealMedia file. | |||||
CVE-2012-1904 | 1 Realnetworks | 2 Realplayer, Realplayer Sp | 2012-08-24 | 4.3 MEDIUM | N/A |
mp4fformat.dll in the QuickTime File Format plugin in RealNetworks RealPlayer 15 and earlier, and RealPlayer SP 1.1.4 Build 12.0.0.756 and earlier, allows remote attackers to cause a denial of service (memory corruption and application crash) via a crafted MP4 file. | |||||
CVE-2011-1221 | 1 Realnetworks | 2 Realplayer, Realplayer Sp | 2012-05-13 | 4.3 MEDIUM | N/A |
Cross-zone scripting vulnerability in the RealPlayer ActiveX control in RealNetworks RealPlayer 11.0 through 11.1 and 14.0.0 through 14.0.5, RealPlayer SP 1.0 through 1.1.5, and RealPlayer Enterprise 2.0 through 2.1.5 allows remote attackers to inject arbitrary web script or HTML in the Local Zone via a local HTML document, a different vulnerability than CVE-2011-2947. | |||||
CVE-2011-4256 | 1 Realnetworks | 1 Realplayer | 2012-03-07 | 10.0 HIGH | N/A |
The RV30 codec in RealNetworks RealPlayer before 15.0.0 and Mac RealPlayer before 12.0.0.1703 does not initialize an unspecified index value, which allows remote attackers to execute arbitrary code via unknown vectors. | |||||
CVE-2011-4258 | 1 Realnetworks | 1 Realplayer | 2012-03-07 | 9.3 HIGH | N/A |
RealNetworks RealPlayer before 15.0.0 allows remote attackers to execute arbitrary code via a crafted length of an MLTI chunk in an IVR file. | |||||
CVE-2011-4259 | 1 Realnetworks | 1 Realplayer | 2012-03-07 | 9.3 HIGH | N/A |
Integer underflow in RealNetworks RealPlayer before 15.0.0 allows remote attackers to execute arbitrary code via a crafted width value in an MPG file. | |||||
CVE-2011-4260 | 1 Realnetworks | 1 Realplayer | 2012-03-07 | 9.3 HIGH | N/A |
RealNetworks RealPlayer before 15.0.0 allows remote attackers to execute arbitrary code via a malformed header in an MP4 file. | |||||
CVE-2011-4261 | 1 Realnetworks | 1 Realplayer | 2012-03-07 | 9.3 HIGH | N/A |
RealNetworks RealPlayer before 15.0.0 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via crafted video dimensions in an MP4 file. |