Filtered by vendor Realnetworks
Subscribe
Total
217 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2012-5690 | 1 Realnetworks | 2 Realplayer, Realplayer Sp | 2024-02-04 | 9.3 HIGH | N/A |
RealNetworks RealPlayer before 16.0.0.282 and RealPlayer SP 1.0 through 1.1.5 allow remote attackers to execute arbitrary code via a RealAudio file that triggers access to an invalid pointer. | |||||
CVE-2010-5228 | 1 Realnetworks | 1 Realplayer Sp | 2024-02-04 | 6.9 MEDIUM | N/A |
Untrusted search path vulnerability in RealPlayer SP 1.1.5 12.0.0.879 allows local users to gain privileges via a Trojan horse rio500.dll file in the current working directory, as demonstrated by a directory that contains a .avi file. NOTE: some of these details are obtained from third party information. | |||||
CVE-2012-2406 | 1 Realnetworks | 2 Realplayer, Realplayer Sp | 2024-02-04 | 9.3 HIGH | N/A |
RealNetworks RealPlayer before 15.0.4.53, and RealPlayer SP 1.0 through 1.1.5, does not properly parse ASMRuleBook data in RealMedia files, which allows remote attackers to execute arbitrary code via a crafted file. | |||||
CVE-2012-1984 | 1 Realnetworks | 2 Helix Mobile Server, Helix Server | 2024-02-04 | 4.3 MEDIUM | N/A |
Multiple cross-site scripting (XSS) vulnerabilities in RealNetworks Helix Server and Helix Mobile Server 14.x before 14.3.x allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
CVE-2013-3299 | 1 Realnetworks | 1 Realplayer | 2024-02-04 | 4.3 MEDIUM | N/A |
RealNetworks RealPlayer 16.0.2.32 and earlier allows remote attackers to cause a denial of service (resource consumption or application crash) via an HTML document containing JavaScript code that constructs a long string. | |||||
CVE-2012-2268 | 1 Realnetworks | 2 Helix Mobile Server, Helix Server | 2024-02-04 | 5.0 MEDIUM | N/A |
master.exe in the SNMP Master Agent in RealNetworks Helix Server and Helix Mobile Server 14.x before 14.3.x allows remote attackers to cause a denial of service (unhandled exception and daemon crash) via a crafted Open-PDU request that triggers incorrect DisplayString processing, a different vulnerability than CVE-2012-1923. | |||||
CVE-2012-2409 | 1 Realnetworks | 2 Realplayer, Realplayer Sp | 2024-02-04 | 7.5 HIGH | N/A |
Buffer overflow in RealNetworks RealPlayer before 15.0.6.14, RealPlayer SP 1.0 through 1.1.5, and Mac RealPlayer before 12.0.1.1750 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted RealMedia file, a different vulnerability than CVE-2012-2410. | |||||
CVE-2012-2267 | 1 Realnetworks | 2 Helix Mobile Server, Helix Server | 2024-02-04 | 5.0 MEDIUM | N/A |
master.exe in the SNMP Master Agent in RealNetworks Helix Server and Helix Mobile Server 14.x before 14.3.x allows remote attackers to cause a denial of service (daemon crash) by establishing and closing a port-705 TCP connection, a different vulnerability than CVE-2012-1923. | |||||
CVE-2013-7260 | 1 Realnetworks | 1 Realplayer | 2024-02-04 | 7.5 HIGH | N/A |
Multiple stack-based buffer overflows in RealNetworks RealPlayer before 17.0.4.61 on Windows, and Mac RealPlayer before 12.0.1.1738, allow remote attackers to execute arbitrary code via a long (1) version number or (2) encoding declaration in the XML declaration of an RMP file, a different issue than CVE-2013-6877. | |||||
CVE-2012-2408 | 1 Realnetworks | 2 Realplayer, Realplayer Sp | 2024-02-04 | 6.8 MEDIUM | N/A |
The AAC SDK in RealNetworks RealPlayer before 15.0.6.14, RealPlayer SP 1.0 through 1.1.5, and Mac RealPlayer before 12.0.1.1750 allows remote attackers to cause a denial of service (heap memory corruption) or possibly have unspecified other impact via a crafted AAC file that is not properly handled during decoding. | |||||
CVE-2012-1985 | 1 Realnetworks | 2 Helix Mobile Server, Helix Server | 2024-02-04 | 6.8 MEDIUM | N/A |
Cross-site request forgery (CSRF) vulnerability in RealNetworks Helix Server and Helix Mobile Server 14.x before 14.3.x allows remote attackers to hijack the authentication of administrators for requests that cause a denial of service (stack consumption and daemon crash) via a malformed URL. | |||||
CVE-2013-6877 | 1 Realnetworks | 1 Realplayer | 2024-02-04 | 9.3 HIGH | N/A |
Heap-based buffer overflow in RealNetworks RealPlayer before 17.0.4.61 on Windows, and Mac RealPlayer before 12.0.1.1738, allows remote attackers to execute arbitrary code via a long string in the TRACKID element of an RMP file, a different vulnerability than CVE-2013-7260. | |||||
CVE-2012-1923 | 1 Realnetworks | 2 Helix Mobile Server, Helix Server | 2024-02-04 | 2.1 LOW | N/A |
RealNetworks Helix Server and Helix Mobile Server 14.x before 14.3.x store passwords in cleartext under adm_b_db\users\, which allows local users to obtain sensitive information by reading a database. | |||||
CVE-2012-4987 | 1 Realnetworks | 1 Realplayer | 2024-02-04 | 6.8 MEDIUM | N/A |
Stack-based buffer overflow in RealNetworks RealPlayer 15.0.5.109 allows user-assisted remote attackers to execute arbitrary code via a crafted ZIP file that triggers incorrect processing of long pathnames by the Watch Folders feature. | |||||
CVE-2012-1904 | 1 Realnetworks | 2 Realplayer, Realplayer Sp | 2024-02-04 | 4.3 MEDIUM | N/A |
mp4fformat.dll in the QuickTime File Format plugin in RealNetworks RealPlayer 15 and earlier, and RealPlayer SP 1.1.4 Build 12.0.0.756 and earlier, allows remote attackers to cause a denial of service (memory corruption and application crash) via a crafted MP4 file. | |||||
CVE-2012-5691 | 1 Realnetworks | 2 Realplayer, Realplayer Sp | 2024-02-04 | 9.3 HIGH | N/A |
Buffer overflow in RealNetworks RealPlayer before 16.0.0.282 and RealPlayer SP 1.0 through 1.1.5 allows remote attackers to execute arbitrary code via a crafted RealMedia file. | |||||
CVE-2013-4974 | 1 Realnetworks | 2 Realplayer, Realplayer Sp | 2024-02-04 | 9.3 HIGH | N/A |
RealNetworks RealPlayer before 16.0.3.51, and RealPlayer SP 1.0 through 1.1.5, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a malformed RealMedia file. | |||||
CVE-2012-0942 | 1 Realnetworks | 2 Helix Mobile Server, Helix Server | 2024-02-04 | 7.5 HIGH | N/A |
Buffer overflow in rn5auth.dll in RealNetworks Helix Server and Helix Mobile Server 14.x before 14.3.x allows remote attackers to execute arbitrary code via crafted authentication credentials. | |||||
CVE-2012-2410 | 1 Realnetworks | 2 Realplayer, Realplayer Sp | 2024-02-04 | 6.8 MEDIUM | N/A |
Buffer overflow in RealNetworks RealPlayer before 15.0.6.14, RealPlayer SP 1.0 through 1.1.5, and Mac RealPlayer before 12.0.1.1750 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted RealMedia file, a different vulnerability than CVE-2012-2409. | |||||
CVE-2011-1525 | 1 Realnetworks | 1 Realplayer | 2024-02-04 | 9.3 HIGH | N/A |
Heap-based buffer overflow in rvrender.dll in RealNetworks RealPlayer 11.0 through 11.1 and 14.0.0 through 14.0.2, and RealPlayer SP 1.0 through 1.1.5, allows remote attackers to execute arbitrary code via a crafted frame in an Internet Video Recording (IVR) file. |