1046 matches found
CVE-2012-2267
master.exe in the SNMP Master Agent in RealNetworks Helix Server and Helix Mobile Server 14.x before 14.3.x allows remote attackers to cause a denial of service daemon crash by establishing and closing a port-705 TCP connection, a different vulnerability than CVE-2012-1923...
CVE-2012-2268
master.exe in the SNMP Master Agent in RealNetworks Helix Server and Helix Mobile Server 14.x before 14.3.x allows remote attackers to cause a denial of service unhandled exception and daemon crash via a crafted Open-PDU request that triggers incorrect DisplayString processing, a different...
CVE-2012-1984
Multiple cross-site scripting XSS vulnerabilities in RealNetworks Helix Server and Helix Mobile Server 14.x before 14.3.x allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2012-1985
RealNetworks Helix Server and Helix Mobile Server 14.x before 14.3.x are affected by CSRF (CVE-2012-1985). Exploitation can hijack an administrator’s session via a malformed URL, potentially causing a stack consumption issue and daemon crash (DoS). The issue is documented across multiple feeds (N...
CVE-2012-2268
CVE-2012-2268 affects RealNetworks Helix Server and Helix Mobile Server 14.x prior to 14.3.x. The vulnerability exists in the SNMP Master Agent’s handling of Open-PDU requests and improper DisplayString processing, which can be triggered remotely to cause a denial of service (unhandled exception ...
CVE-2012-2267
RealNetworks Helix Server and Helix Mobile Server 14.x (SNMP Master Agent) are affected by CVE-2012-2267, a denial-of-service vulnerability where a remote attacker can crash the daemon by opening and closing a TCP connection to port 705. This is described as a DoS caused by the SNMP Master Agent ...
CVE-2012-0942
CVE-2012-0942 affects RealNetworks Helix Server (and Helix Mobile Server) 14.x prior to 14.3.x. The vulnerability lies in the rn5auth.dll credential parsing path: GetNameValuePair() copies data with strcpy into a stack buffer, causing a stack-based buffer overflow. This allows remote attackers to...
CVE-2012-1984
RealNetworks Helix Server and Helix Mobile Server 14.x before 14.3.x are affected by multiple remote vulnerabilities, including CVE-2012-1984 (XSS through unspecified vectors) due to parsing/page requests. Upgrading to 14.3.x or applying the vendor Security Update (04/02/20112 HS) is the recommen...
CVE-2012-1923
CVE-2012-1923 affects RealNetworks Helix Server and Helix Mobile Server 14.x before 14.3.x. The issue is caused by storing credentials in cleartext in the flat-file database under adm_b_db\users, enabling local users to read sensitive passwords. Impact is disclosure of credentials with partial co...
CVE-2012-0942
Buffer overflow in rn5auth.dll in RealNetworks Helix Server and Helix Mobile Server 14.x before 14.3.x allows remote attackers to execute arbitrary code via crafted authentication credentials...
CVE-2012-1985
Cross-site request forgery CSRF vulnerability in RealNetworks Helix Server and Helix Mobile Server 14.x before 14.3.x allows remote attackers to hijack the authentication of administrators for requests that cause a denial of service stack consumption and daemon crash via a malformed URL...
Vulnerability in RealNetworks Helix Universal Media Server Could Allow Denial of Service
Executive Summary Microsoft is providing notification of the discovery and remediation of a vulnerability affecting RealNetworks Helix Universal Media Server software version 14.2.0.212 and earlier. Microsoft discovered and disclosed the vulnerability under coordinated vulnerability disclosure to...
Vulnerabilities in RealNetworks Helix Server Could Allow Arbitrary Script Execution
Executive Summary Microsoft is providing notification of the discovery and remediation of multiple vulnerabilities affecting RealNetworks Helix Server software version 14.2.0.212 and earlier. Microsoft discovered and disclosed these vulnerabilities under coordinated vulnerability disclosure to th...
Real Networks RealPlayer < 14.0.6.666 (Build 12.0.1.666) Multiple Vulnerabilities
Binary data 6455.prm...
RealNetworks Helix Server 14.x < 14.3.x Multiple Vulnerabilities
According to its banner, the remote host is running version 14.x of RealNetworks Helix Server / Helix Mobile Server. Such versions are potentially affected by multiple vulnerabilities : - Administrative and user credentials are insecurely stored in a flat file database. This file may be accessed ...
RealNetworks RealPlayer MP4 File Handling Denial of Service Vulnerability - Windows
RealPlayer is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2012-1904
mp4fformat.dll in the QuickTime File Format plugin in RealNetworks RealPlayer 15 and earlier, and RealPlayer SP 1.1.4 Build 12.0.0.756 and earlier, allows remote attackers to cause a denial of service memory corruption and application crash via a crafted MP4 file...
RealNetworks RealPlayer RV30 Sample Arbitrary Index Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of RealNetworks Real Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within how the...
RealNetworks RealPlayer RTSP SETUP Request Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of RealNetworks Real Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists due to the...
RealNetworks RealPlayer mp4fformat rdrf Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of RealNetworks Realplayer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within...