VYPR
Unrated severityNVD Advisory· Published Dec 31, 2005· Updated Jun 16, 2026

CVE-2005-2922

CVE-2005-2922

Description

Heap-based buffer overflow in the embedded player in multiple RealNetworks products and versions including RealPlayer 10.x, RealOne Player, and Helix Player allows remote malicious servers to cause a denial of service (crash) and possibly execute arbitrary code via a chunked Transfer-Encoding HTTP response in which either (1) the chunk header length is specified as -1, (2) the chunk header with a length that is less than the actual amount of sent data, or (3) a missing chunk header.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

35
  • cpe:2.3:a:realnetworks:helix_player:10.0.1:*:linux:*:*:*:*:*+ 7 more
    • cpe:2.3:a:realnetworks:helix_player:10.0.1:*:linux:*:*:*:*:*
    • cpe:2.3:a:realnetworks:helix_player:10.0.2:*:linux:*:*:*:*:*
    • cpe:2.3:a:realnetworks:helix_player:10.0.3:*:linux:*:*:*:*:*
    • cpe:2.3:a:realnetworks:helix_player:10.0.4:*:linux:*:*:*:*:*
    • cpe:2.3:a:realnetworks:helix_player:10.0.5:*:linux:*:*:*:*:*
    • cpe:2.3:a:realnetworks:helix_player:10.0.6:*:linux:*:*:*:*:*
    • cpe:2.3:a:realnetworks:helix_player:10.0:*:linux:*:*:*:*:*
    • (no CPE)
  • cpe:2.3:a:realnetworks:realone_player:*:*:*:*:*:*:*:*+ 5 more
    • cpe:2.3:a:realnetworks:realone_player:*:*:*:*:*:*:*:*
    • cpe:2.3:a:realnetworks:realone_player:0.288:*:mac_os_x:*:*:*:*:*
    • cpe:2.3:a:realnetworks:realone_player:0.297:*:mac_os_x:*:*:*:*:*
    • cpe:2.3:a:realnetworks:realone_player:1.0:*:*:*:*:*:*:*
    • cpe:2.3:a:realnetworks:realone_player:2.0:*:*:*:*:*:*:*
    • (no CPE)
  • cpe:2.3:a:realnetworks:realplayer:10.0:*:*:*:*:*:*:*+ 18 more
    • cpe:2.3:a:realnetworks:realplayer:10.0:*:*:*:*:*:*:*
    • cpe:2.3:a:realnetworks:realplayer:10.0.0.305:*:mac_os:*:*:*:*:*
    • cpe:2.3:a:realnetworks:realplayer:10.0.0.331:*:mac_os:*:*:*:*:*
    • cpe:2.3:a:realnetworks:realplayer:10.0.1:*:linux:*:*:*:*:*
    • cpe:2.3:a:realnetworks:realplayer:10.0.2:*:linux:*:*:*:*:*
    • cpe:2.3:a:realnetworks:realplayer:10.0.3:*:linux:*:*:*:*:*
    • cpe:2.3:a:realnetworks:realplayer:10.0.4:*:linux:*:*:*:*:*
    • cpe:2.3:a:realnetworks:realplayer:10.0.5:*:linux:*:*:*:*:*
    • cpe:2.3:a:realnetworks:realplayer:10.0.6:*:linux:*:*:*:*:*
    • cpe:2.3:a:realnetworks:realplayer:10.5:*:*:*:*:*:*:*
    • cpe:2.3:a:realnetworks:realplayer:10.5_6.0.12.1040:*:*:*:*:*:*:*
    • cpe:2.3:a:realnetworks:realplayer:10.5_6.0.12.1053:*:*:*:*:*:*:*
    • cpe:2.3:a:realnetworks:realplayer:10.5_6.0.12.1056:*:*:*:*:*:*:*
    • cpe:2.3:a:realnetworks:realplayer:10.5_6.0.12.1059:*:*:*:*:*:*:*
    • cpe:2.3:a:realnetworks:realplayer:10.5_6.0.12.1069:*:*:*:*:*:*:*
    • cpe:2.3:a:realnetworks:realplayer:10.5_6.0.12.1235:*:*:*:*:*:*:*
    • cpe:2.3:a:realnetworks:realplayer:8.0:*:win32:*:*:*:*:*
    • cpe:2.3:a:realnetworks:realplayer:*:*:enterprise:*:*:*:*:*
    • (no CPE)range: 10.x
  • cpe:2.3:a:realnetworks:rhapsody:3.0:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:realnetworks:rhapsody:3.0:*:*:*:*:*:*:*
    • cpe:2.3:a:realnetworks:rhapsody:3.0_build_0.815:*:*:*:*:*:*:*

Patches

Vulnerability mechanics

References

12

News mentions

0

No linked articles in our index yet.