Filtered by vendor Realnetworks
Subscriptions
Filtered by product Realplayer
Subscriptions
Total
171 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2007-5400 | 3 Real, Realnetworks, Redhat | 3 Realplayer, Realplayer, Rhel Extras | 2025-04-09 | N/A |
| Heap-based buffer overflow in the Shockwave Flash (SWF) frame handling in RealNetworks RealPlayer 10.5 Build 6.0.12.1483 might allow remote attackers to execute arbitrary code via a crafted SWF file. | ||||
| CVE-2008-1309 | 1 Realnetworks | 1 Realplayer | 2025-04-09 | N/A |
| The RealAudioObjects.RealAudio ActiveX control in rmoc3260.dll in RealNetworks RealPlayer Enterprise, RealPlayer 10, RealPlayer 10.5 before build 6.0.12.1675, and RealPlayer 11 before 11.0.3 build 6.0.14.806 does not properly manage memory for the (1) Console or (2) Controls property, which allows remote attackers to execute arbitrary code or cause a denial of service (browser crash) via a series of assignments of long string values, which triggers an overwrite of freed heap memory. | ||||
| CVE-2007-4904 | 1 Realnetworks | 2 Helix Player, Realplayer | 2025-04-09 | N/A |
| RealNetworks RealPlayer 10.1.0.3114 and earlier, and Helix Player 1.0.6.778 on Fedora Core 6 (FC6) and possibly other platforms, allow user-assisted remote attackers to cause a denial of service (application crash) via a malformed .au file that triggers a divide-by-zero error. | ||||
| CVE-2007-6235 | 1 Realnetworks | 1 Realplayer | 2025-04-09 | N/A |
| A certain ActiveX control in RealNetworks RealPlayer 11 allows remote attackers to cause a denial of service (application crash) via a malformed .au file that triggers a divide-by-zero error. NOTE: this might be related to CVE-2007-4904. | ||||
| CVE-2007-6224 | 2 Microsoft, Realnetworks | 3 Windows Vista, Windows Xp, Realplayer | 2025-04-09 | N/A |
| The RealNetworks RealAudioObjects.RealAudio ActiveX control in rmoc3260.dll, as shipped with RealPlayer 11, allows remote attackers to cause a denial of service (browser crash) via a certain argument to the GetSourceTransport method. | ||||
| CVE-2009-0375 | 1 Realnetworks | 1 Realplayer | 2025-04-09 | N/A |
| Buffer overflow in a DLL file in RealNetworks RealPlayer 10, RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741, RealPlayer 11 11.0.0 through 11.0.4, RealPlayer Enterprise, Mac RealPlayer 10 and 10.1, Linux RealPlayer 10, and Helix Player 10.x allows remote attackers to execute arbitrary code via a crafted Internet Video Recording (IVR) file with a filename length field containing a large integer, which triggers overwrite of an arbitrary memory location with a 0x00 byte value, related to use of RealPlayer through a Windows Explorer plugin. | ||||
| CVE-2008-0098 | 1 Realnetworks | 1 Realplayer | 2025-04-09 | N/A |
| Buffer overflow in RealPlayer 11 build 6.0.14.748 allows remote attackers to execute arbitrary code via unspecified vectors. NOTE: As of 20080103, this disclosure has no actionable information. However, because the VulnDisco Pack author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes. | ||||
| CVE-2007-2263 | 2 Realnetworks, Redhat | 4 Realone Player, Realplayer, Realplayer Enterprise and 1 more | 2025-04-09 | N/A |
| Heap-based buffer overflow in RealNetworks RealPlayer 10.0, 10.1, and possibly 10.5, RealOne Player, and RealPlayer Enterprise allows remote attackers to execute arbitrary code via an SWF (Flash) file with malformed record headers. | ||||
| CVE-2007-2497 | 1 Realnetworks | 1 Realplayer | 2025-04-09 | N/A |
| RealNetworks RealPlayer 10 Gold allows remote attackers to cause a denial of service (memory consumption) via a certain .ra file. NOTE: this issue was referred to as a "memory leak," but it is not clear if this is correct. | ||||
| CVE-2006-6759 | 1 Realnetworks | 1 Realplayer | 2025-04-09 | N/A |
| A certain ActiveX control in rpau3260.dll in RealNetworks RealPlayer 10.5 allows remote attackers to cause a denial of service (Internet Explorer crash) by invoking the RealPlayer.Initialize method with certain arguments. | ||||
| CVE-2008-3066 | 1 Realnetworks | 1 Realplayer | 2025-04-09 | N/A |
| Stack-based buffer overflow in a certain ActiveX control in rjbdll.dll in RealNetworks RealPlayer Enterprise, RealPlayer 10, and RealPlayer 10.5 before build 6.0.12.1675 allows remote attackers to execute arbitrary code by importing a file into a media library and then deleting this file. | ||||
| CVE-2008-3064 | 1 Realnetworks | 1 Realplayer | 2025-04-09 | N/A |
| Unspecified vulnerability in RealNetworks RealPlayer Enterprise, RealPlayer 10, and RealPlayer 10.5 before build 6.0.12.1675 has unknown impact and attack vectors, probably related to accessing local files, aka a "Local resource reference vulnerability." | ||||
| CVE-2009-0376 | 1 Realnetworks | 1 Realplayer | 2025-04-09 | N/A |
| Heap-based buffer overflow in a DLL file in RealNetworks RealPlayer 10, RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741, RealPlayer 11 11.0.0 through 11.0.4, RealPlayer Enterprise, Mac RealPlayer 10 and 10.1, Linux RealPlayer 10, and Helix Player 10.x allows remote attackers to execute arbitrary code via a crafted Internet Video Recording (IVR) file with a modified field that controls an unspecified structure length and triggers heap corruption, related to use of RealPlayer through a Windows Explorer plugin. | ||||
| CVE-2007-3410 | 2 Realnetworks, Redhat | 6 Helix Player, Realone Player, Realplayer and 3 more | 2025-04-09 | N/A |
| Stack-based buffer overflow in the SmilTimeValue::parseWallClockValue function in smlprstime.cpp in RealNetworks RealPlayer 10, 10.1, and possibly 10.5, RealOne Player, RealPlayer Enterprise, and Helix Player 10.5-GOLD and 10.0.5 through 10.0.8, allows remote attackers to execute arbitrary code via an SMIL (SMIL2) file with a long wallclock value. | ||||
| CVE-2007-5601 | 1 Realnetworks | 1 Realplayer | 2025-04-09 | N/A |
| Stack-based buffer overflow in the Database Component in MPAMedia.dll in RealNetworks RealPlayer 10.5 and 11 beta, and earlier versions including 10, RealOne Player, and RealOne Player 2, allows remote attackers to execute arbitrary code via certain playlist names, as demonstrated via the import method to the IERPCtl ActiveX control in ierpplug.dll. | ||||
| CVE-2004-0258 | 1 Realnetworks | 4 Realone Desktop Manager, Realone Enterprise Desktop, Realone Player and 1 more | 2025-04-03 | N/A |
| Multiple buffer overflows in RealOne Player, RealOne Player 2.0, RealOne Enterprise Desktop, and RealPlayer Enterprise allow remote attackers to execute arbitrary code via malformed (1) .RP, (2) .RT, (3) .RAM, (4) .RPM or (5) .SMIL files. | ||||
| CVE-2005-4126 | 1 Realnetworks | 1 Realplayer | 2025-04-03 | N/A |
| ** UNVERIFIABLE, PRERELEASE ** NOTE: this issue describes a problem that can not be independently verified as of 20051208. Unspecified vulnerability in unspecified versions of Real Networks RealPlayer allows attackers to execute arbitrary code. NOTE: the information regarding this issue is extremely vague and does not provide any verifiable information. It has been posted by a reliable reporter with a prerelease disclosure policy. This item has only been assigned a CVE identifier for tracking purposes, and to serve as a concrete example for discussion of the newly emerging UNVERIFIABLE and PRERELEASE content decisions in CVE, which must be discussed by the Editorial Board. Without additional details or independent verification by reliable sources, it is possible that this item might be RECAST or REJECTED. | ||||
| CVE-2005-4130 | 1 Realnetworks | 1 Realplayer | 2025-04-03 | N/A |
| ** UNVERIFIABLE, PRERELEASE ** NOTE: this issue describes a problem that can not be independently verified as of 20051208. Unspecified vulnerability in unspecified versions of Real Networks RealPlayer allows remote attackers to execute arbitrary code. NOTE: it is not known whether this issue should be MERGED with CVE-2005-4126. The information regarding this issue is extremely vague and does not provide any verifiable information. It has been posted by a reliable reporter with a prerelease disclosure policy. This item has only been assigned a CVE identifier for tracking purposes, and to serve as a concrete example for discussion of the newly emerging UNVERIFIABLE and PRERELEASE content decisions in CVE, which must be discussed by the Editorial Board. Without additional details or independent verification by reliable sources, it is possible that this item might be RECAST or REJECTED. | ||||
| CVE-2002-1321 | 1 Realnetworks | 2 Realone Player, Realplayer | 2025-04-03 | N/A |
| Multiple buffer overflows in RealOne and RealPlayer allow remote attackers to execute arbitrary code via (1) a Synchronized Multimedia Integration Language (SMIL) file with a long parameter, (2) a long long filename in a rtsp:// request, e.g. from a .m3u file, or (3) certain "Now Playing" options on a downloaded file with a long filename. | ||||
| CVE-2004-1481 | 1 Realnetworks | 3 Helix Player, Realone Player, Realplayer | 2025-04-03 | N/A |
| Integer overflow in pnen3260.dll in RealPlayer 8 through 10.5 (6.0.12.1040) and earlier, and RealOne Player 1 or 2 on Windows or Mac OS, allows remote attackers to execute arbitrary code via a SMIL file and a .rm movie file with a large length field for the data chunk, which leads to a heap-based buffer overflow. | ||||