Filtered by vendor Realnetworks
Subscribe
Total
217 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2005-0191 | 1 Realnetworks | 2 Realone Player, Realplayer | 2024-02-04 | 5.1 MEDIUM | N/A |
Off-by-one buffer overflow in the processing of tags in Real Metadata Package (RMP) files in RealPlayer 10.5 (6.0.12.1040) and earlier could allow remote attackers to execute arbitrary code via a long tag. | |||||
CVE-2005-0611 | 1 Realnetworks | 3 Helix Player, Realone Player, Realplayer | 2024-02-04 | 5.1 MEDIUM | N/A |
Heap-based buffer overflow in RealNetworks RealPlayer 10.5 (6.0.12.1056 and earlier), 10, 8, and RealOne Player V2 and V1, allows remote attackers to execute arbitrary code via .WAV files. | |||||
CVE-2005-0347 | 1 Realnetworks | 1 Realarcade | 2024-02-04 | 5.1 MEDIUM | N/A |
Integer overflow in RealArcade 1.2.0.994 and earlier allows remote attackers to execute arbitrary code via an RGS file with an invalid size string for the GUID and game name, which leads to a buffer overflow. | |||||
CVE-2005-2710 | 1 Realnetworks | 2 Helix Player, Realplayer | 2024-02-04 | 5.1 MEDIUM | N/A |
Format string vulnerability in Real HelixPlayer and RealPlayer 10 allows remote attackers to execute arbitrary code via the (1) image handle or (2) timeformat attribute in a RealPix (.rp) or RealText (.rt) file. | |||||
CVE-2005-0192 | 1 Realnetworks | 2 Realone Player, Realplayer | 2024-02-04 | 2.6 LOW | N/A |
Directory traversal vulnerability in the parsing of Skin file names in RealPlayer 10.5 (6.0.12.1040) and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in an RJS filename. | |||||
CVE-2004-1481 | 1 Realnetworks | 3 Helix Player, Realone Player, Realplayer | 2024-02-04 | 5.1 MEDIUM | N/A |
Integer overflow in pnen3260.dll in RealPlayer 8 through 10.5 (6.0.12.1040) and earlier, and RealOne Player 1 or 2 on Windows or Mac OS, allows remote attackers to execute arbitrary code via a SMIL file and a .rm movie file with a large length field for the data chunk, which leads to a heap-based buffer overflow. | |||||
CVE-1999-1282 | 1 Realnetworks | 1 Realsystem G2 Server | 2024-02-04 | 4.6 MEDIUM | N/A |
RealSystem G2 server stores the administrator password in cleartext in a world-readable configuration file, which allows local users to gain privileges. | |||||
CVE-1999-1045 | 1 Realnetworks | 1 Realserver | 2024-02-04 | 7.8 HIGH | N/A |
pnserver in RealServer 5.0 and earlier allows remote attackers to cause a denial of service by sending a short, malformed request. | |||||
CVE-2000-0185 | 1 Realnetworks | 2 Realserver, Realserver G2 | 2024-02-04 | 5.0 MEDIUM | N/A |
RealMedia RealServer reveals the real IP address of a Real Server, even if the address is supposed to be private. | |||||
CVE-2000-0280 | 1 Realnetworks | 1 Realplayer | 2024-02-04 | 2.6 LOW | N/A |
Buffer overflow in the RealNetworks RealPlayer client versions 6 and 7 allows remote attackers to cause a denial of service via a long Location URL. | |||||
CVE-2003-1509 | 1 Realnetworks | 2 Realone Enterprise Desktop, Realone Player | 2024-02-04 | 10.0 HIGH | N/A |
Real Networks RealOne Enterprise Desktop 6.0.11.774, RealOne Player 2.0, and RealOne Player 6.0.11.818 through RealOne Player 6.0.11.853 allows remote attackers to execute arbitrary script in the local security zone by embedding script in a temp file before the temp file is executed by the default web browser. | |||||
CVE-2004-0550 | 1 Realnetworks | 1 Realplayer | 2024-02-04 | 7.5 HIGH | N/A |
Buffer overflow in Real Networks RealPlayer 10 allows remote attackers to execute arbitrary code via a URL with a large number of "." (period) characters. | |||||
CVE-2002-1321 | 1 Realnetworks | 2 Realone Player, Realplayer | 2024-02-04 | 7.5 HIGH | N/A |
Multiple buffer overflows in RealOne and RealPlayer allow remote attackers to execute arbitrary code via (1) a Synchronized Multimedia Integration Language (SMIL) file with a long parameter, (2) a long long filename in a rtsp:// request, e.g. from a .m3u file, or (3) certain "Now Playing" options on a downloaded file with a long filename. | |||||
CVE-2004-0387 | 1 Realnetworks | 2 Realone Player, Realplayer | 2024-02-04 | 5.1 MEDIUM | N/A |
Stack-based buffer overflow in the RT3 plugin, as used in RealPlayer 8, RealOne Player, RealOne Player 10 beta, and RealOne Player Enterprise, allows remote attackers to execute arbitrary code via a malformed .R3T file. | |||||
CVE-2002-1015 | 1 Realnetworks | 3 Realjukebox 2, Realjukebox 2 Plus, Realone Player | 2024-02-04 | 7.5 HIGH | N/A |
RealJukebox 2 1.0.2.340 and 1.0.2.379, and RealOne Player Gold 6.0.10.505, allows remote attackers to execute arbitrary script in the Local computer zone by inserting the script into the skin.ini file of an RJS archive, then referencing skin.ini from a web page after it has been extracted, which is parsed as HTML by Internet Explorer or other Microsoft-based web readers. | |||||
CVE-1999-1369 | 1 Realnetworks | 1 Realserver | 2024-02-04 | 4.6 MEDIUM | N/A |
Real Media RealServer (rmserver) 6.0.3.353 stores a password in plaintext in the world-readable rmserver.cfg file, which allows local users to gain privileges. | |||||
CVE-2003-1117 | 1 Realnetworks | 2 Realsystem Proxy, Realsystem Server | 2024-02-04 | 7.5 HIGH | N/A |
Buffer overflow in RealSystem Server 6.x, 7.x and 8.x, and RealSystem Proxy 8.x, related to URL error handling, allows remote attackers to cause a denial of service and possibly execute arbitrary code. | |||||
CVE-2002-0337 | 1 Realnetworks | 1 Realplayer | 2024-02-04 | 5.4 MEDIUM | N/A |
RealPlayer 8 allows remote attackers to cause a denial of service (CPU utilization) via malformed .mp3 files. | |||||
CVE-2004-0258 | 1 Realnetworks | 4 Realone Desktop Manager, Realone Enterprise Desktop, Realone Player and 1 more | 2024-02-04 | 7.6 HIGH | N/A |
Multiple buffer overflows in RealOne Player, RealOne Player 2.0, RealOne Enterprise Desktop, and RealPlayer Enterprise allow remote attackers to execute arbitrary code via malformed (1) .RP, (2) .RT, (3) .RAM, (4) .RPM or (5) .SMIL files. | |||||
CVE-2005-0190 | 1 Realnetworks | 2 Realone Player, Realplayer | 2024-02-04 | 2.6 LOW | N/A |
Directory traversal vulnerability in RealPlayer 10.5 (6.0.12.1040) and earlier allows remote attackers to delete arbitrary files via a Real Metadata Packages (RMP) file with a FILENAME tag containing .. (dot dot) sequences in a filename that ends with a ? (question mark) and an allowed file extension (e.g. .mp3), which bypasses the check for the file extension. |