CVE-2012-2411

CVE-2012-2411 is a RealNetworks RealPlayer vulnerability describing a buffer overflow in RealPlayer before 15.0.4.53 and RealPlayer SP 1.0–1.1.5, exploitable via a crafted RealJukebox Media file to allow remote code execution. Affected product family: RealPlayer/RealPlayer SP (Windows). Root caus...

CVE-2012-2406

RealPlayer and RealPlayer SP are affected by CVE-2012-2406 due to improper parsing of ASMRuleBook data in RealMedia files, enabling remote code execution via a crafted file. Affected products include RealNetworks RealPlayer before 15.0.4.53 and RealPlayer SP 1.0–1.1.5. The vulnerability enables a...

RealNetworks RealPlayer MPG Width Integer Underflow Memory Corruption (CVE-2011-4259)

An memory corruption vulnerability has been reported in RealNetworks RealPlayer. The vulnerability is due to an integer underflow condition caused while handling MPEG-2 files with a specially crafted width parameter. A remote attacker may exploit this issue by enticing a target user to open a...

RealNetworks Helix Server Multiple Remote Vulnerabilities

RealNetworks Helix Server is prone to multiple remote vulnerabilities. Attackers can exploit theses issues to execute arbitrary code within the context of the affected application, cause denial-of service conditions, retrieve potentially sensitive information, execute arbitrary script code in the...

RealNetworks Helix Server Multiple Remote Vulnerabilities

RealNetworks Helix Server is prone to multiple remote vulnerabilities. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

RealNetworks Helix Server security vulnerabilities

Information leakage, SNMP DoS...

Secunia Research: RealNetworks Helix Server Credentials Disclosure Security Issue

====================================================================== Secunia Research 09/04/2012 - RealNetworks Helix Server Credentials Disclosure Security Issue - ====================================================================== Table of Contents Affected...

Secunia Research: Helix Server SNMP Master Agent Service Two Denial of Service Vulnerabilities

====================================================================== Secunia Research 09/04/2012 - RealNetworks Helix Server SNMP Master Agent - - Two Denial of Service Vulnerabilities - ====================================================================== Table of Contents Affected...

CVE-2012-2268

master.exe in the SNMP Master Agent in RealNetworks Helix Server and Helix Mobile Server 14.x before 14.3.x allows remote attackers to cause a denial of service unhandled exception and daemon crash via a crafted Open-PDU request that triggers incorrect DisplayString processing, a different...

CVE-2012-1985

Cross-site request forgery CSRF vulnerability in RealNetworks Helix Server and Helix Mobile Server 14.x before 14.3.x allows remote attackers to hijack the authentication of administrators for requests that cause a denial of service stack consumption and daemon crash via a malformed URL...

CVE-2012-0942

Buffer overflow in rn5auth.dll in RealNetworks Helix Server and Helix Mobile Server 14.x before 14.3.x allows remote attackers to execute arbitrary code via crafted authentication credentials...

CVE-2012-1984

Multiple cross-site scripting XSS vulnerabilities in RealNetworks Helix Server and Helix Mobile Server 14.x before 14.3.x allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2012-1923

RealNetworks Helix Server and Helix Mobile Server 14.x before 14.3.x store passwords in cleartext under admbdb\users, which allows local users to obtain sensitive information by reading a database...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in RealNetworks Helix Server and Helix Mobile Server 14.x before 14.3.x allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...

Buffer overflow

Buffer overflow in rn5auth.dll in RealNetworks Helix Server and Helix Mobile Server 14.x before 14.3.x allows remote attackers to execute arbitrary code via crafted authentication credentials...

Design/Logic Flaw

RealNetworks Helix Server and Helix Mobile Server 14.x before 14.3.x store passwords in cleartext under admbdb\users, which allows local users to obtain sensitive information by reading a database...

Cross site request forgery (csrf)

Cross-site request forgery CSRF vulnerability in RealNetworks Helix Server and Helix Mobile Server 14.x before 14.3.x allows remote attackers to hijack the authentication of administrators for requests that cause a denial of service stack consumption and daemon crash via a malformed URL...

Design/Logic Flaw

master.exe in the SNMP Master Agent in RealNetworks Helix Server and Helix Mobile Server 14.x before 14.3.x allows remote attackers to cause a denial of service unhandled exception and daemon crash via a crafted Open-PDU request that triggers incorrect DisplayString processing, a different...

Code injection

master.exe in the SNMP Master Agent in RealNetworks Helix Server and Helix Mobile Server 14.x before 14.3.x allows remote attackers to cause a denial of service daemon crash by establishing and closing a port-705 TCP connection, a different vulnerability than CVE-2012-1923...

CVE-2012-1923

RealNetworks Helix Server and Helix Mobile Server 14.x before 14.3.x store passwords in cleartext under admbdb\users, which allows local users to obtain sensitive information by reading a database...