CVE-2012-0922

rvrender.dll in RealNetworks RealPlayer 11.x, 14.x, and 15.x before 15.02.71, and RealPlayer SP 1.0 through 1.1.5, allows remote attackers to execute arbitrary code via crafted flags in an RMFF file...

CVE-2012-0925

Unspecified vulnerability in the RV40 codec in RealNetworks RealPlayer 11.x, 14.x, and 15.x before 15.02.71, and RealPlayer SP 1.0 through 1.1.5, allows remote attackers to execute arbitrary code via a crafted RV40 RealVideo video stream...

CVE-2012-0927

Unspecified vulnerability in RealNetworks RealPlayer 11.x, 14.x, and 15.x before 15.02.71, and RealPlayer SP 1.0 through 1.1.5, allows remote attackers to execute arbitrary code via vectors involving the codedframesize value in a RealAudio audio stream...

CVE-2012-0924

RealNetworks RealPlayer 11.x, 14.x, and 15.x before 15.02.71, and RealPlayer SP 1.0 through 1.1.5, allows remote attackers to execute arbitrary code via vectors involving a VIDOBJSTARTCODE code in a header within a video stream...

CVE-2012-0928

The ATRAC codec in RealNetworks RealPlayer 11.x and 14.x through 14.0.7, RealPlayer SP 1.0 through 1.1.5, and Mac RealPlayer 12.x before 12.0.0.1703 does not properly decode samples, which allows remote attackers to execute arbitrary code via a crafted ATRAC audio file...

CVE-2012-0926

The CVE-2012-0926 vulnerability affects RealNetworks RealPlayer: the RV10 RealVideo stream handling in RealPlayer 11.x, 14.x, 15.x (and RealPlayer SP 1.0–1.1.5) fails to validate height/width fields, allowing remote code execution via a crafted RV10 video. Root cause is miscalculation of an offse...

CVE-2012-0926

The RV10 codec in RealNetworks RealPlayer 11.x, 14.x, and 15.x before 15.02.71, and RealPlayer SP 1.0 through 1.1.5, does not properly handle height and width values, which allows remote attackers to execute arbitrary code via a crafted RV10 RealVideo video stream...

CVE-2012-0928

The CVE-2012-0928 entry affects RealNetworks RealPlayer: ATRAC decoding in RealPlayer 11.x and 14.x up to 14.0.7, RealPlayer SP 1.0–1.1.5, and Mac RealPlayer 12.x prior to 12.0.0.1703. The vulnerability arises during ATRAC sample decoding, where faulty parsing of the audio data allows remote atta...

CVE-2012-0927

CVE-2012-0927 affects RealNetworks RealPlayer 11.x, 14.x and 15.x prior to 15.02.71, and RealPlayer SP 1.0–1.1.5. The flaw resides in the RealAudio stream’s coded_frame_size handling (cook.dll); the parsed RA2 header uses coded_frame_size to allocate memory, which is not properly verified, enabli...

CVE-2012-0925

RealPlayer RV40 remote code execution vulnerability (CVE-2012-0925) affects RealPlayer 11.x, 14.x, 15.x before 15.02.71 and RealPlayer SP 1.0–1.1.5. The flaw is in rv40.dll when parsing RV40 sample data, where a miscalculated offset can lead to arbitrary code execution. Exploitation requires a us...

CVE-2012-0924

RealNetworks RealPlayer 11.x, 14.x and 15.x (before 15.0.2.71) and RealPlayer SP 1.0–1.1.5 are affected by a VIDOBJ_START_CODE handling flaw in MPEG streams that allows remote code execution. The vulnerability arises in the dmp4.dll decoding path when processing a VIDOBJ_START_CODE object, leadin...

CVE-2012-0923

The CVE-2012-0923 entry corresponds to a RealPlayer RV20 RealVideo vulnerability. Connected sources provide concrete details: RealPlayer 11.x, 14.x and 15.x (before 15.02.71) and RealPlayer SP 1.0–1.1.5 are affected. The root cause is improper handling/bounds checking of a frame size array during...

CVE-2012-0922

RealNetworks RealPlayer (Windows/other) is affected by CVE-2012-0922 due to a flaw in the rvrender RMFF parser. RealPlayer 11.x, 14.x, 15.x (and RealPlayer SP 1.0–1.1.5) prior to 15.02.71 allow remote code execution when a crafted RMFF file with a negative RMFF 1.0 Flags value is parsed, enabling...

Real Networks RealPlayer < 15.0.2.72 Multiple Vulnerabilities

Binary data 6311.prm...

Real Networks RealPlayer Atrac样本解码远程代码执行漏洞

Bugtraq ID: 51890 CVE ID：CVE-2012-0928 RealNetworks RealPlayer是一款流行的媒体播放程序 RealNetworks RealPlayer Atrac样本解码存在安全问题，远程攻击者可以构建恶意媒体文件，诱使用户解析，以应用程序上下文执行任意代码 0 RealPlayer 15.x 厂商解决方案 RealPlayer 15.0.2.71已经修复此漏洞，建议用户下载使用： http://www.real.com...

Real Networks RealPlayer 'rvrender' RMFF标记远程代码执行漏洞

Bugtraq ID: 51883 CVE ID：CVE-2012-0922 RealNetworks RealPlayer是一款流行的媒体播放程序 RealNetworks RealPlayer处理RMFF标记rvrender存在未明错误，远程攻击者可以构建恶意媒体文件，诱使用户解析，以应用程序上下文执行任意代码 0 RealPlayer 15.x 厂商解决方案 RealPlayer 15.0.2.71已经修复此漏洞，建议用户下载使用： http://www.real.com...

ZDI-11-344 : RealNetworks RealPlayer RV20 Decoding Remote Code Execution Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ZDI-11-344 : RealNetworks RealPlayer RV20 Decoding Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-344 December 7, 2011 - -- CVE ID: CVE-2011-4253 - -- CVSS: 7.5, AV:N/AC:L/Au:N/C:P/I:P/A:P - -- Affected Vendors:...

RealNetworks RealPlayer multiple security vulnerabilities

Multiple vulnerabilities on different media formats parsing...

ZDI-11-343 : RealNetworks RealPlayer mp4arender esds channel count Remote Code Execution Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ZDI-11-343 : RealNetworks RealPlayer mp4arender esds channel count Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-343 December 7, 2011 - -- CVE ID: CVE2011-4260 - -- CVSS: 7.5, AV:N/AC:L/Au:N/C:P/I:P/A:P - --...

RealNetworks RealPlayer mp4arender esds channel count Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of RealNetworks Realplayer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...