Realplayer
by RealNetworks
CVEs (171)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2010-0417 | 0.00 | — | 0.04 | Feb 18, 2010 | Buffer overflow in common/util/rlstate.cpp in Helix Player 1.0.6 and RealPlayer allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a RuleBook structure with a large number of rule-separator characters that trigger heap… | |||
| CVE-2009-4243 | 0.00 | — | 0.03 | Jan 25, 2010 | RealNetworks RealPlayer 10, RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741, RealPlayer 11 11.0.0 through 11.0.4, RealPlayer Enterprise, Mac RealPlayer 10 and 10.1, Linux RealPlayer 10, and Helix Player 10.x allow remote attackers to have an unspecified impact via a crafted… | |||
| CVE-2009-0375 | 0.00 | — | 0.06 | Feb 8, 2009 | Buffer overflow in a DLL file in RealNetworks RealPlayer 10, RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741, RealPlayer 11 11.0.0 through 11.0.4, RealPlayer Enterprise, Mac RealPlayer 10 and 10.1, Linux RealPlayer 10, and Helix Player 10.x allows remote attackers to execute… | |||
| CVE-2008-3064 | 0.00 | — | 0.02 | Jul 28, 2008 | Unspecified vulnerability in RealNetworks RealPlayer Enterprise, RealPlayer 10, and RealPlayer 10.5 before build 6.0.12.1675 has unknown impact and attack vectors, probably related to accessing local files, aka a "Local resource reference vulnerability." | |||
| CVE-2008-0098 | 0.00 | — | 0.06 | Jan 8, 2008 | Buffer overflow in RealPlayer 11 build 6.0.14.748 allows remote attackers to execute arbitrary code via unspecified vectors. NOTE: As of 20080103, this disclosure has no actionable information. However, because the VulnDisco Pack author is a reliable researcher, the issue is… | |||
| CVE-2007-6224 | 0.00 | — | 0.02 | Dec 4, 2007 | The RealNetworks RealAudioObjects.RealAudio ActiveX control in rmoc3260.dll, as shipped with RealPlayer 11, allows remote attackers to cause a denial of service (browser crash) via a certain argument to the GetSourceTransport method. | |||
| CVE-2007-5081 | 0.00 | — | 0.05 | Oct 31, 2007 | Heap-based buffer overflow in RealNetworks RealPlayer 8, 10, 10.1, and possibly 10.5; RealOne Player 1 and 2; and RealPlayer Enterprise allows remote attackers to execute arbitrary code via a crafted RM file. | |||
| CVE-2006-1370 | 0.00 | — | 0.03 | Mar 23, 2006 | Buffer overflow in RealNetworks RealPlayer 10.5 6.0.12.1040 through 6.0.12.1348, RealPlayer 10, RealOne Player v2, RealOne Player v1, RealPlayer 8, and RealPlayer Enterprise before 20060322 allows remote attackers to have an unknown impact via a malicious Mimio boardCast (mbc)… | |||
| CVE-2005-2922 | 0.00 | — | 0.06 | Dec 31, 2005 | Heap-based buffer overflow in the embedded player in multiple RealNetworks products and versions including RealPlayer 10.x, RealOne Player, and Helix Player allows remote malicious servers to cause a denial of service (crash) and possibly execute arbitrary code via a chunked… | |||
| CVE-2005-4130 | 0.00 | — | 0.02 | Dec 9, 2005 | ** UNVERIFIABLE, PRERELEASE ** NOTE: this issue describes a problem that can not be independently verified as of 20051208. Unspecified vulnerability in unspecified versions of Real Networks RealPlayer allows remote attackers to execute arbitrary code. NOTE: it is not known… | |||
| CVE-2005-4126 | 0.00 | — | 0.02 | Dec 9, 2005 | ** UNVERIFIABLE, PRERELEASE ** NOTE: this issue describes a problem that can not be independently verified as of 20051208. Unspecified vulnerability in unspecified versions of Real Networks RealPlayer allows attackers to execute arbitrary code. NOTE: the information regarding… | |||
| CVE-2005-2630 | 0.00 | — | 0.04 | Nov 18, 2005 | Heap-based buffer overflow in DUNZIP32.DLL for RealPlayer 8, 10, and 10.5 and RealOne Player 1 and 2 allows remote attackers to execute arbitrary code via a crafted RealPlayer Skin (RJS) file, a different vulnerability than CVE-2004-1094. | |||
| CVE-2005-3677 | 0.00 | — | 0.03 | Nov 18, 2005 | Buffer overflow in RealNetworks RealPlayer 10 and 10.5 allows remote attackers to execute arbitrary code via a crafted image in a RealPlayer Skin (RJS) file. NOTE: due to the lack of details, it is unclear how this is different than CVE-2005-2629 and CVE-2005-2630, but the… | |||
| CVE-2005-2936 | 0.00 | — | 0.03 | Nov 18, 2005 | Unquoted Windows search path vulnerability in RealNetworks RealPlayer 10.5 6.0.12.1040 through 6.0.12.1348, RealPlayer 10, RealOne Player v2, RealOne Player v1, and RealPlayer 8 before 20060322 might allow local users to gain privileges via a malicious C:\program.exe file. | |||
| CVE-2005-2054 | 0.00 | — | 0.02 | Jun 29, 2005 | Unknown vulnerability in RealPlayer 10 and 10.5 (6.0.12.1040-1069) and RealOne Player v1 and v2 allows remote attackers to overwrite arbitrary files or execute arbitrary ActiveX controls via a crafted MP3 file. | |||
| CVE-2005-2055 | 0.00 | — | 0.01 | Jun 29, 2005 | RealPlayer 8, 10, 10.5 (6.0.12.1040-1069), and Enterprise and RealOne Player v1 and v2 allows remote malicious web server to create an arbitrary HTML file that executes an RM file via "default settings of earlier Internet Explorer browsers". | |||
| CVE-2005-1766 | 0.00 | — | 0.04 | Jun 28, 2005 | Heap-based buffer overflow in rtffplin.cpp in RealPlayer 10.5 6.0.12.1056 on Windows, and 10, 10.0.1.436, and other versions before 10.0.5 on Linux, allows remote attackers to execute arbitrary code via a RealMedia file with a long RealText string, such as an SMIL file. | |||
| CVE-2005-2052 | 0.00 | — | 0.02 | Jun 28, 2005 | Heap-based buffer overflow in vidplin.dll in RealPlayer 10 and 10.5 (6.0.12.1040 through 1069), RealOne Player v1 and v2, RealPlayer 8 and RealPlayer Enterprise allows remote attackers to execute arbitrary code via an .avi file with a modified strf structure value. | |||
| CVE-2005-0611 | 0.00 | — | 0.04 | May 2, 2005 | Heap-based buffer overflow in RealNetworks RealPlayer 10.5 (6.0.12.1056 and earlier), 10, 8, and RealOne Player V2 and V1, allows remote attackers to execute arbitrary code via .WAV files. | |||
| CVE-2005-0755 | 0.00 | — | 0.03 | Apr 19, 2005 | Heap-based buffer overflow in RealPlayer 10 and earlier, Helix Player before 10.0.4, and RealOne Player v1 and v2 allows remote attackers to execute arbitrary code via a long hostname in a RAM file. |
- CVE-2010-0417Feb 18, 2010risk 0.00cvss —epss 0.04
Buffer overflow in common/util/rlstate.cpp in Helix Player 1.0.6 and RealPlayer allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a RuleBook structure with a large number of rule-separator characters that trigger heap…
- CVE-2009-4243Jan 25, 2010risk 0.00cvss —epss 0.03
RealNetworks RealPlayer 10, RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741, RealPlayer 11 11.0.0 through 11.0.4, RealPlayer Enterprise, Mac RealPlayer 10 and 10.1, Linux RealPlayer 10, and Helix Player 10.x allow remote attackers to have an unspecified impact via a crafted…
- CVE-2009-0375Feb 8, 2009risk 0.00cvss —epss 0.06
Buffer overflow in a DLL file in RealNetworks RealPlayer 10, RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741, RealPlayer 11 11.0.0 through 11.0.4, RealPlayer Enterprise, Mac RealPlayer 10 and 10.1, Linux RealPlayer 10, and Helix Player 10.x allows remote attackers to execute…
- CVE-2008-3064Jul 28, 2008risk 0.00cvss —epss 0.02
Unspecified vulnerability in RealNetworks RealPlayer Enterprise, RealPlayer 10, and RealPlayer 10.5 before build 6.0.12.1675 has unknown impact and attack vectors, probably related to accessing local files, aka a "Local resource reference vulnerability."
- CVE-2008-0098Jan 8, 2008risk 0.00cvss —epss 0.06
Buffer overflow in RealPlayer 11 build 6.0.14.748 allows remote attackers to execute arbitrary code via unspecified vectors. NOTE: As of 20080103, this disclosure has no actionable information. However, because the VulnDisco Pack author is a reliable researcher, the issue is…
- CVE-2007-6224Dec 4, 2007risk 0.00cvss —epss 0.02
The RealNetworks RealAudioObjects.RealAudio ActiveX control in rmoc3260.dll, as shipped with RealPlayer 11, allows remote attackers to cause a denial of service (browser crash) via a certain argument to the GetSourceTransport method.
- CVE-2007-5081Oct 31, 2007risk 0.00cvss —epss 0.05
Heap-based buffer overflow in RealNetworks RealPlayer 8, 10, 10.1, and possibly 10.5; RealOne Player 1 and 2; and RealPlayer Enterprise allows remote attackers to execute arbitrary code via a crafted RM file.
- CVE-2006-1370Mar 23, 2006risk 0.00cvss —epss 0.03
Buffer overflow in RealNetworks RealPlayer 10.5 6.0.12.1040 through 6.0.12.1348, RealPlayer 10, RealOne Player v2, RealOne Player v1, RealPlayer 8, and RealPlayer Enterprise before 20060322 allows remote attackers to have an unknown impact via a malicious Mimio boardCast (mbc)…
- CVE-2005-2922Dec 31, 2005risk 0.00cvss —epss 0.06
Heap-based buffer overflow in the embedded player in multiple RealNetworks products and versions including RealPlayer 10.x, RealOne Player, and Helix Player allows remote malicious servers to cause a denial of service (crash) and possibly execute arbitrary code via a chunked…
- CVE-2005-4130Dec 9, 2005risk 0.00cvss —epss 0.02
** UNVERIFIABLE, PRERELEASE ** NOTE: this issue describes a problem that can not be independently verified as of 20051208. Unspecified vulnerability in unspecified versions of Real Networks RealPlayer allows remote attackers to execute arbitrary code. NOTE: it is not known…
- CVE-2005-4126Dec 9, 2005risk 0.00cvss —epss 0.02
** UNVERIFIABLE, PRERELEASE ** NOTE: this issue describes a problem that can not be independently verified as of 20051208. Unspecified vulnerability in unspecified versions of Real Networks RealPlayer allows attackers to execute arbitrary code. NOTE: the information regarding…
- CVE-2005-2630Nov 18, 2005risk 0.00cvss —epss 0.04
Heap-based buffer overflow in DUNZIP32.DLL for RealPlayer 8, 10, and 10.5 and RealOne Player 1 and 2 allows remote attackers to execute arbitrary code via a crafted RealPlayer Skin (RJS) file, a different vulnerability than CVE-2004-1094.
- CVE-2005-3677Nov 18, 2005risk 0.00cvss —epss 0.03
Buffer overflow in RealNetworks RealPlayer 10 and 10.5 allows remote attackers to execute arbitrary code via a crafted image in a RealPlayer Skin (RJS) file. NOTE: due to the lack of details, it is unclear how this is different than CVE-2005-2629 and CVE-2005-2630, but the…
- CVE-2005-2936Nov 18, 2005risk 0.00cvss —epss 0.03
Unquoted Windows search path vulnerability in RealNetworks RealPlayer 10.5 6.0.12.1040 through 6.0.12.1348, RealPlayer 10, RealOne Player v2, RealOne Player v1, and RealPlayer 8 before 20060322 might allow local users to gain privileges via a malicious C:\program.exe file.
- CVE-2005-2054Jun 29, 2005risk 0.00cvss —epss 0.02
Unknown vulnerability in RealPlayer 10 and 10.5 (6.0.12.1040-1069) and RealOne Player v1 and v2 allows remote attackers to overwrite arbitrary files or execute arbitrary ActiveX controls via a crafted MP3 file.
- CVE-2005-2055Jun 29, 2005risk 0.00cvss —epss 0.01
RealPlayer 8, 10, 10.5 (6.0.12.1040-1069), and Enterprise and RealOne Player v1 and v2 allows remote malicious web server to create an arbitrary HTML file that executes an RM file via "default settings of earlier Internet Explorer browsers".
- CVE-2005-1766Jun 28, 2005risk 0.00cvss —epss 0.04
Heap-based buffer overflow in rtffplin.cpp in RealPlayer 10.5 6.0.12.1056 on Windows, and 10, 10.0.1.436, and other versions before 10.0.5 on Linux, allows remote attackers to execute arbitrary code via a RealMedia file with a long RealText string, such as an SMIL file.
- CVE-2005-2052Jun 28, 2005risk 0.00cvss —epss 0.02
Heap-based buffer overflow in vidplin.dll in RealPlayer 10 and 10.5 (6.0.12.1040 through 1069), RealOne Player v1 and v2, RealPlayer 8 and RealPlayer Enterprise allows remote attackers to execute arbitrary code via an .avi file with a modified strf structure value.
- CVE-2005-0611May 2, 2005risk 0.00cvss —epss 0.04
Heap-based buffer overflow in RealNetworks RealPlayer 10.5 (6.0.12.1056 and earlier), 10, 8, and RealOne Player V2 and V1, allows remote attackers to execute arbitrary code via .WAV files.
- CVE-2005-0755Apr 19, 2005risk 0.00cvss —epss 0.03
Heap-based buffer overflow in RealPlayer 10 and earlier, Helix Player before 10.0.4, and RealOne Player v1 and v2 allows remote attackers to execute arbitrary code via a long hostname in a RAM file.
Page 8 of 9