Code injection

The GetGUID function in codecs/dmp4.dll in RealNetworks RealPlayer 16.0.3.51 and earlier allows remote attackers to execute arbitrary code or cause a denial of service write access violation and application crash via a malformed .3gp file...

RealNetworks RealGames StubbyUtil.ShellCtl.1 ActiveX Command Execution

Multiple remote command execution vulnerabilities exist in RealNetworks RealGames StubbyUtil.ShellCtl.1 ActiveX. The vulnerabilities are due to design flaws in three insecurely implemented methods. An attacker can leverage these vulnerabilities by enticing a target user to open a crafted web page...

RealNetworks RealPlayer SWF Frame Handling Buffer Overflow - ver 2 (CVE-2007-5400)

There exists a heap buffer overflow vulnerability in the RealNetworks RealPlayer product. The vulnerability is due to a design error within the handling of frames in Shockwave Flash SWF files. A remote attacker can exploit this vulnerability to create a heap overflow condition in the target...

RealNetworks RealPlayer RMP File Stack Buffer Overflow (CVE-2013-6877)

A stack buffer overflow exists in RealNetworks RealPlayer. Successful exploitation could result in arbitrary code execution in the context of the currently logged in user. The vulnerability is due to an error when parsing the version and encoding attributes of the XML declaration statement. An...

RealPlayer CDDA URI Code Execution - Ver2 (CVE-2010-3747)

A code execution vulnerability has been reported in RealNetworks RealPlayer ActiveX control.RealPlayer. The vulnerability is due to access to uninitialized memory during processing of CDDA URIs. A remote attacker could exploit this vulnerability by enticing a target user to open a crafted web fil...

RealNetworks RealPlayer RMP File Heap Buffer Overflow (CVE-2013-6877)

A heap buffer overflow exists in RealNetworks RealPlayer. The vulnerability is due an error when handling RMP files, overly long values for certain tags can result in a heap buffer overflow. A remote unauthenticated attacker could exploit this vulnerability by enticing a user to open a crafted RM...

CVE-2013-7260

Multiple stack-based buffer overflows in RealNetworks RealPlayer before 17.0.4.61 on Windows, and Mac RealPlayer before 12.0.1.1738, allow remote attackers to execute arbitrary code via a long 1 version number or 2 encoding declaration in the XML declaration of an RMP file, a different issue than...

Stack overflow

Multiple stack-based buffer overflows in RealNetworks RealPlayer before 17.0.4.61 on Windows, and Mac RealPlayer before 12.0.1.1738, allow remote attackers to execute arbitrary code via a long 1 version number or 2 encoding declaration in the XML declaration of an RMP file, a different issue than...

CVE-2013-7260

Multiple stack-based buffer overflows in RealNetworks RealPlayer before 17.0.4.61 on Windows, and Mac RealPlayer before 12.0.1.1738, allow remote attackers to execute arbitrary code via a long 1 version number or 2 encoding declaration in the XML declaration of an RMP file, a different issue than...

RealNetworks RealPlayer Version Attribute Buffer Overflow

This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'RealNetworks RealPlayer Version Attribute Buffer Overflow', 'Description' = %q This module exploits a stack-based buffer overflow...

RealNetworks RealPlayer Buffer Overflow Vulnerability (Dec 2013) - Windows

RealPlayer is prone to a buffer overflow vulnerability. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:realnetworks:realplayer";...

RealNetworks RealPlayer 16 Buffer Overflow

!/usr/bin/perl ----------------------------------------------------------------------------- Exploit Title: RealNetworks RealPlayer Version Attribute Buffer Overflow Date: Dec 20, 2013 Exploit Author: Gabor Seljan Vendor Homepage: http://www.real.com Software Link:...

RealNetworks RealPlayer 16.0.3.5116.0.2.32 - .rmp Version Attribute Buffer Overflow

RealNetworks RealPlayer 16.0.3.5116.0.2.32 - .rmp Version Attribute Buffer Overflow !/usr/bin/perl ----------------------------------------------------------------------------- Exploit Title: RealNetworks RealPlayer Version Attribute Buffer Overflow Date: Dec 20 2013 Exploit Author: Gabor Seljan...

RealNetworks RealPlayer 16.0.3.51/16.0.2.32 - (.rmp) Version Attribute Buffer Overflow

Exploit for windows platform in category local exploits !/usr/bin/perl ----------------------------------------------------------------------------- Exploit Title: RealNetworks RealPlayer Version Attribute Buffer Overflow Date: Dec 20, 2013 Exploit Author: Gabor Seljan Vendor Homepage:...

RealNetworks RealPlayer 16.0.3.51/16.0.2.32 - '.rmp' Version Attribute Buffer Overflow

!/usr/bin/perl ----------------------------------------------------------------------------- Exploit Title: RealNetworks RealPlayer Version Attribute Buffer Overflow Date: Dec 20 2013 Exploit Author: Gabor Seljan Vendor Homepage: http://www.real.com Software Link:...

RealNetworks RealPlayer Version Attribute Buffer Overflow

This module exploits a stack-based buffer overflow vulnerability in version 16.0.3.51 and 16.0.2.32 of RealNetworks RealPlayer, caused by improper bounds checking of the version and encoding attributes inside the XML declaration. By persuading the victim to open a specially-crafted .RMP file, a...

CVE-2013-6877

Heap-based buffer overflow in RealNetworks RealPlayer before 17.0.4.61 on Windows, and Mac RealPlayer before 12.0.1.1738, allows remote attackers to execute arbitrary code via a long string in the TRACKID element of an RMP file, a different vulnerability than CVE-2013-7260...

CVE-2013-6877

Heap-based buffer overflow in RealNetworks RealPlayer before 17.0.4.61 on Windows, and Mac RealPlayer before 12.0.1.1738, allows remote attackers to execute arbitrary code via a long string in the TRACKID element of an RMP file, a different vulnerability than CVE-2013-7260...

CVE-2013-6877

RealPlayer is affected by two CVEs related to RMP file parsing. CVE-2013-6877 is a heap-based overflow triggered by a long TRACKID in an RMP file, enabling arbitrary code execution on Windows (before 17.0.4.61) and macOS (before 12.0.1.1738). CVE-2013-7260 covers multiple stack-based overflows fr...

RealNetworks RealPlayer Multiple Vulnerabilities (Aug 2013) - Mac OS X

RealPlayer is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:realnetworks:realplayer"; if...