Filtered by vendor Realnetworks
Subscribe
Total
217 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2011-2950 | 1 Realnetworks | 2 Realplayer, Realplayer Sp | 2024-11-21 | 9.3 HIGH | N/A |
| Heap-based buffer overflow in qcpfformat.dll in RealNetworks RealPlayer 11.0 through 11.1 and 14.0.0 through 14.0.5 and RealPlayer SP 1.0 through 1.1.5 allows remote attackers to execute arbitrary code via a crafted QCP file. | |||||
| CVE-2011-2949 | 1 Realnetworks | 2 Realplayer, Realplayer Sp | 2024-11-21 | 9.3 HIGH | N/A |
| Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through 11.1 and 14.0.0 through 14.0.5, RealPlayer SP 1.0 through 1.1.5, and RealPlayer Enterprise 2.0 through 2.1.5 allows remote attackers to execute arbitrary code via crafted ID3v2 tags in an MP3 file. | |||||
| CVE-2011-2948 | 1 Realnetworks | 2 Realplayer, Realplayer Sp | 2024-11-21 | 9.3 HIGH | N/A |
| RealNetworks RealPlayer 11.0 through 11.1 and 14.0.0 through 14.0.5, RealPlayer SP 1.0 through 1.1.5, RealPlayer Enterprise 2.0 through 2.1.5, and Mac RealPlayer 12.0.0.1569 do not properly handle DEFINEFONT fields in SWF files, which allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a crafted file. | |||||
| CVE-2011-2947 | 1 Realnetworks | 2 Realplayer, Realplayer Sp | 2024-11-21 | 4.3 MEDIUM | N/A |
| Cross-zone scripting vulnerability in the RealPlayer ActiveX control in RealNetworks RealPlayer 11.0 through 11.1 and 14.0.0 through 14.0.5 and RealPlayer SP 1.0 through 1.1.5 allows remote attackers to inject arbitrary web script or HTML in the Local Zone via a local HTML document. | |||||
| CVE-2011-2946 | 1 Realnetworks | 2 Realplayer, Realplayer Sp | 2024-11-21 | 10.0 HIGH | N/A |
| Unspecified vulnerability in an ActiveX control in RealNetworks RealPlayer 11.0 through 11.1 and 14.0.0 through 14.0.5, RealPlayer SP 1.0 through 1.1.5, and RealPlayer Enterprise 2.0 through 2.1.5 allows remote attackers to execute arbitrary code via unknown vectors. | |||||
| CVE-2011-2945 | 1 Realnetworks | 2 Realplayer, Realplayer Sp | 2024-11-21 | 9.3 HIGH | N/A |
| Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through 11.1 and 14.0.0 through 14.0.5 and RealPlayer SP 1.0 through 1.1.5 allows remote attackers to execute arbitrary code via a crafted SIPR stream. | |||||
| CVE-2011-1525 | 1 Realnetworks | 1 Realplayer | 2024-11-21 | 9.3 HIGH | N/A |
| Heap-based buffer overflow in rvrender.dll in RealNetworks RealPlayer 11.0 through 11.1 and 14.0.0 through 14.0.2, and RealPlayer SP 1.0 through 1.1.5, allows remote attackers to execute arbitrary code via a crafted frame in an Internet Video Recording (IVR) file. | |||||
| CVE-2011-1426 | 1 Realnetworks | 2 Realplayer, Realplayer Sp | 2024-11-21 | 9.3 HIGH | N/A |
| The OpenURLInDefaultBrowser method in RealNetworks RealPlayer 11.0 through 11.1 and 14.0.0 through 14.0.2, and RealPlayer SP 1.0 through 1.1.5, launches a default handler for the filename specified in the first argument, which allows remote attackers to execute arbitrary code via a .rnx filename corresponding to a crafted RNX file. | |||||
| CVE-2011-1221 | 1 Realnetworks | 2 Realplayer, Realplayer Sp | 2024-11-21 | 4.3 MEDIUM | N/A |
| Cross-zone scripting vulnerability in the RealPlayer ActiveX control in RealNetworks RealPlayer 11.0 through 11.1 and 14.0.0 through 14.0.5, RealPlayer SP 1.0 through 1.1.5, and RealPlayer Enterprise 2.0 through 2.1.5 allows remote attackers to inject arbitrary web script or HTML in the Local Zone via a local HTML document, a different vulnerability than CVE-2011-2947. | |||||
| CVE-2011-0694 | 1 Realnetworks | 2 Realplayer, Realplayer Sp | 2024-11-21 | 9.3 HIGH | N/A |
| RealNetworks RealPlayer 11.0 through 11.1, SP 1.0 through 1.1.5, and 14.0.0 through 14.0.1, and Enterprise 2.0 through 2.1.4, uses predictable names for temporary files, which allows remote attackers to conduct cross-domain scripting attacks and execute arbitrary code via the OpenURLinPlayerBrowser function. | |||||
| CVE-2010-5228 | 1 Realnetworks | 1 Realplayer Sp | 2024-11-21 | 6.9 MEDIUM | N/A |
| Untrusted search path vulnerability in RealPlayer SP 1.1.5 12.0.0.879 allows local users to gain privileges via a Trojan horse rio500.dll file in the current working directory, as demonstrated by a directory that contains a .avi file. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2010-4596 | 1 Realnetworks | 2 Helix Mobile Server, Helix Server | 2024-11-21 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in RealNetworks Helix Server 12.x, 13.x, and 14.x before 14.2, and Helix Mobile Server 12.x, 13.x, and 14.x before 14.2, allows remote attackers to execute arbitrary code via a long string in an RTSP request. | |||||
| CVE-2010-4397 | 3 Apple, Linux, Realnetworks | 4 Mac Os X, Linux Kernel, Realplayer and 1 more | 2024-11-21 | 9.3 HIGH | N/A |
| Integer overflow in the pnen3260.dll module in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.1, Mac RealPlayer 11.0 through 11.1, and Linux RealPlayer 11.0.2.1744 allows remote attackers to execute arbitrary code via a crafted TIT2 atom in an AAC file. | |||||
| CVE-2010-4396 | 1 Realnetworks | 2 Realplayer, Realplayer Sp | 2024-11-21 | 4.3 MEDIUM | N/A |
| Cross-zone scripting vulnerability in the HandleAction method in a certain ActiveX control in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.5, and RealPlayer Enterprise 2.1.2 allows remote attackers to inject arbitrary web script or HTML in the Local Zone by specifying a local file in a NavigateToURL action, as demonstrated by a local skin file. | |||||
| CVE-2010-4395 | 2 Linux, Realnetworks | 3 Linux Kernel, Realplayer, Realplayer Sp | 2024-11-21 | 9.3 HIGH | N/A |
| Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.5, and Linux RealPlayer 11.0.2.1744 allows remote attackers to execute arbitrary code via a crafted conditional component in AAC frame data. | |||||
| CVE-2010-4394 | 1 Realnetworks | 2 Realplayer, Realplayer Sp | 2024-11-21 | 9.3 HIGH | N/A |
| Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through 11.1 and RealPlayer SP 1.0 through 1.1.5 allows remote web servers to execute arbitrary code via a long Server header in a response to an HTTP request that occurs during parsing of a RealPix file. | |||||
| CVE-2010-4393 | 1 Realnetworks | 2 Realplayer, Realplayer Sp | 2024-11-21 | 9.3 HIGH | N/A |
| Heap-based buffer overflow in vidplin.dll in RealNetworks RealPlayer 11.0 through 11.1 and 14.0.x before 14.0.2, and RealPlayer SP 1.0 through 1.1.5, allows remote attackers to execute arbitrary code via a crafted header in an AVI file. | |||||
| CVE-2010-4392 | 2 Linux, Realnetworks | 3 Linux Kernel, Realplayer, Realplayer Sp | 2024-11-21 | 9.3 HIGH | N/A |
| Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.5, RealPlayer Enterprise 2.1.2 and 2.1.3, Linux RealPlayer 11.0.2.1744, and possibly HelixPlayer 1.0.6 and other versions, allows remote attackers to execute arbitrary code via crafted ImageMap data in a RealMedia file, related to certain improper integer calculations. | |||||
| CVE-2010-4391 | 1 Realnetworks | 2 Realplayer, Realplayer Sp | 2024-11-21 | 9.3 HIGH | N/A |
| Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.5, and RealPlayer Enterprise 2.1.2 and 2.1.3 allows remote attackers to execute arbitrary code via a crafted value in an unspecified header field in an RMX file. | |||||
| CVE-2010-4390 | 2 Linux, Realnetworks | 3 Linux Kernel, Realplayer, Realplayer Sp | 2024-11-21 | 9.3 HIGH | N/A |
| Multiple heap-based buffer overflows in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.5, and Linux RealPlayer 11.0.2.1744 allow remote attackers to have an unspecified impact via a crafted header in an IVR file. | |||||