Filtered by vendor Realnetworks
Subscribe
Total
217 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2012-1984 | 1 Realnetworks | 2 Helix Mobile Server, Helix Server | 2017-12-28 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in RealNetworks Helix Server and Helix Mobile Server 14.x before 14.3.x allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2012-0942 | 1 Realnetworks | 2 Helix Mobile Server, Helix Server | 2017-12-28 | 7.5 HIGH | N/A |
| Buffer overflow in rn5auth.dll in RealNetworks Helix Server and Helix Mobile Server 14.x before 14.3.x allows remote attackers to execute arbitrary code via crafted authentication credentials. | |||||
| CVE-2012-1923 | 1 Realnetworks | 2 Helix Mobile Server, Helix Server | 2017-12-28 | 2.1 LOW | N/A |
| RealNetworks Helix Server and Helix Mobile Server 14.x before 14.3.x store passwords in cleartext under adm_b_db\users\, which allows local users to obtain sensitive information by reading a database. | |||||
| CVE-2002-1643 | 1 Realnetworks | 1 Helix Universal Server | 2017-12-22 | 7.5 HIGH | N/A |
| Multiple buffer overflows in RealNetworks Helix Universal Server 9.0 (9.0.2.768) allow remote attackers to execute arbitrary code via (1) a long Transport field in a SETUP RTSP request, (2) a DESCRIBE RTSP request with a long URL argument, or (3) two simultaneous HTTP GET requests with long arguments. | |||||
| CVE-1999-1282 | 1 Realnetworks | 1 Realsystem G2 Server | 2017-12-18 | 4.6 MEDIUM | N/A |
| RealSystem G2 server stores the administrator password in cleartext in a world-readable configuration file, which allows local users to gain privileges. | |||||
| CVE-2005-0192 | 1 Realnetworks | 2 Realone Player, Realplayer | 2017-12-12 | 2.6 LOW | N/A |
| Directory traversal vulnerability in the parsing of Skin file names in RealPlayer 10.5 (6.0.12.1040) and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in an RJS filename. | |||||
| CVE-2005-0755 | 1 Realnetworks | 3 Helix Player, Realone Player, Realplayer | 2017-11-21 | 5.1 MEDIUM | N/A |
| Heap-based buffer overflow in RealPlayer 10 and earlier, Helix Player before 10.0.4, and RealOne Player v1 and v2 allows remote attackers to execute arbitrary code via a long hostname in a RAM file. | |||||
| CVE-2005-0191 | 1 Realnetworks | 2 Realone Player, Realplayer | 2017-11-16 | 5.1 MEDIUM | N/A |
| Off-by-one buffer overflow in the processing of tags in Real Metadata Package (RMP) files in RealPlayer 10.5 (6.0.12.1040) and earlier could allow remote attackers to execute arbitrary code via a long tag. | |||||
| CVE-2005-0190 | 1 Realnetworks | 2 Realone Player, Realplayer | 2017-11-16 | 2.6 LOW | N/A |
| Directory traversal vulnerability in RealPlayer 10.5 (6.0.12.1040) and earlier allows remote attackers to delete arbitrary files via a Real Metadata Packages (RMP) file with a FILENAME tag containing .. (dot dot) sequences in a filename that ends with a ? (question mark) and an allowed file extension (e.g. .mp3), which bypasses the check for the file extension. | |||||
| CVE-2005-0189 | 1 Realnetworks | 2 Realone Player, Realplayer | 2017-11-16 | 7.5 HIGH | N/A |
| Stack-based buffer overflow in the HandleAction function in RealPlayer 10.5 (6.0.12.1040) and earlier allows remote attackers to execute arbitrary code via a long ShowPreferences argument. | |||||
| CVE-2006-6759 | 1 Realnetworks | 1 Realplayer | 2017-10-18 | 5.0 MEDIUM | N/A |
| A certain ActiveX control in rpau3260.dll in RealNetworks RealPlayer 10.5 allows remote attackers to cause a denial of service (Internet Explorer crash) by invoking the RealPlayer.Initialize method with certain arguments. | |||||
| CVE-2006-6847 | 1 Realnetworks | 1 Realplayer | 2017-10-18 | 5.0 MEDIUM | N/A |
| An ActiveX control in ierpplug.dll for RealNetworks RealPlayer 10.5 allows remote attackers to cause a denial of service (Internet Explorer 7 crash) by invoking the RealPlayer.OpenURLInPlayerBrowser method with a long second argument. | |||||
| CVE-2007-3410 | 1 Realnetworks | 4 Helix Player, Realone Player, Realplayer and 1 more | 2017-10-10 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in the SmilTimeValue::parseWallClockValue function in smlprstime.cpp in RealNetworks RealPlayer 10, 10.1, and possibly 10.5, RealOne Player, RealPlayer Enterprise, and Helix Player 10.5-GOLD and 10.0.5 through 10.0.8, allows remote attackers to execute arbitrary code via an SMIL (SMIL2) file with a long wallclock value. | |||||
| CVE-2007-2497 | 1 Realnetworks | 1 Realplayer | 2017-10-10 | 7.8 HIGH | N/A |
| RealNetworks RealPlayer 10 Gold allows remote attackers to cause a denial of service (memory consumption) via a certain .ra file. NOTE: this issue was referred to as a "memory leak," but it is not clear if this is correct. | |||||
| CVE-2005-2922 | 1 Realnetworks | 4 Helix Player, Realone Player, Realplayer and 1 more | 2017-10-10 | 9.3 HIGH | N/A |
| Heap-based buffer overflow in the embedded player in multiple RealNetworks products and versions including RealPlayer 10.x, RealOne Player, and Helix Player allows remote malicious servers to cause a denial of service (crash) and possibly execute arbitrary code via a chunked Transfer-Encoding HTTP response in which either (1) the chunk header length is specified as -1, (2) the chunk header with a length that is less than the actual amount of sent data, or (3) a missing chunk header. | |||||
| CVE-2005-2710 | 1 Realnetworks | 2 Helix Player, Realplayer | 2017-10-10 | 5.1 MEDIUM | N/A |
| Format string vulnerability in Real HelixPlayer and RealPlayer 10 allows remote attackers to execute arbitrary code via the (1) image handle or (2) timeformat attribute in a RealPix (.rp) or RealText (.rt) file. | |||||
| CVE-2005-1766 | 1 Realnetworks | 1 Realplayer | 2017-10-10 | 5.1 MEDIUM | N/A |
| Heap-based buffer overflow in rtffplin.cpp in RealPlayer 10.5 6.0.12.1056 on Windows, and 10, 10.0.1.436, and other versions before 10.0.5 on Linux, allows remote attackers to execute arbitrary code via a RealMedia file with a long RealText string, such as an SMIL file. | |||||
| CVE-2005-0455 | 1 Realnetworks | 2 Realone Player, Realplayer | 2017-10-10 | 5.1 MEDIUM | N/A |
| Stack-based buffer overflow in the CSmil1Parser::testAttributeFailed function in smlparse.cpp for RealNetworks RealPlayer 10.5 (6.0.12.1056 and earlier), 10, 8, and RealOne Player V2 and V1 allows remote attackers to execute arbitrary code via a .SMIL file with a large system-screen-size value. | |||||
| CVE-2005-0611 | 1 Realnetworks | 3 Helix Player, Realone Player, Realplayer | 2017-10-10 | 5.1 MEDIUM | N/A |
| Heap-based buffer overflow in RealNetworks RealPlayer 10.5 (6.0.12.1056 and earlier), 10, 8, and RealOne Player V2 and V1, allows remote attackers to execute arbitrary code via .WAV files. | |||||
| CVE-2004-0273 | 1 Realnetworks | 3 Realone Desktop Manager, Realone Enterprise Desktop, Realone Player | 2017-10-09 | 9.3 HIGH | N/A |
| Directory traversal vulnerability in RealOne Player, RealOne Player 2.0, and RealOne Enterprise Desktop allows remote attackers to upload arbitrary files via an RMP file that contains .. (dot dot) sequences in a .rjs skin file. | |||||