1046 matches found
CVE-2011-4247
RealNetworks RealPlayer before 15.0.0 allows remote attackers to execute arbitrary code via a crafted QCELP stream...
CVE-2011-4246
The CVE-2011-4246 entry concerns the AAC codec in RealNetworks RealPlayer prior to 15.0.0 and Mac RealPlayer prior to 12.0.0.1703. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors. Connected sources confirm RealPlayer vu...
CVE-2011-4258
RealNetworks RealPlayer before 15.0.0 allows remote attackers to execute arbitrary code via a crafted length of an MLTI chunk in an IVR file...
CVE-2011-4257
The Cook codec in RealNetworks RealPlayer before 15.0.0 allows remote attackers to execute arbitrary code via crafted channel data...
CVE-2011-4252
CVE-2011-4252 affects RealNetworks RealPlayer (Windows and Mac) where the RV10 codec parses a height value from a RealVideo object. The flaw allows memory corruption and remote code execution if a user opens a crafted sample or visits a malicious page. Public details indicate exploitation require...
CVE-2011-4262
RealPlayer for Windows prior to 15.0.0 is affected by CVE-2011-4262 due to a flaw in MP4 file handling (mp4fformat) where an incorrect size value allows remote code execution when parsing crafted MP4 files. The vulnerability stack is corroborated by multiple sources (ZDI-12-050 describing the mp4...
CVE-2011-4261
CVE-2011-4261 affects RealNetworks RealPlayer prior to 15.0.0. The vulnerability in the MP4/esds width handling inside the dmp4 component can cause heap memory corruption, potentially enabling remote code execution. Public sources describe an in‑the‑wild risk requiring user interaction (per ZDI a...
CVE-2011-4260
CVE-2011-4260 affects RealNetworks RealPlayer prior to version 15.0.0. The vulnerability exists in the MP4 header parsing (raac.dll) where a malformed MP4 header can trigger remote code execution. Public writeups (e.g., ZDI advisory) state an attacker can exploit by convincing a user to open a ma...
CVE-2011-4258
RealNetworks RealPlayer prior to 15.0.0 is affected by CVE-2011-4258 due to improper parsing of an IVR MLTI chunk length, allowing remote code execution. Exploitation typically requires user interaction (visit a malicious page or open a crafted file). Vendor advisory indicates the flaw is in the ...
CVE-2011-4256
CVE-2011-4256 affects RealNetworks RealPlayer (RV30 codec). The vulnerability occurs when parsing RV30 samples: the code allocates a buffer then fails to fully initialize it and improperly trusts an index from the partially filled buffer, enabling memory corruption that can lead to remote code ex...
CVE-2011-4255
CVE-2011-4255 affects RealNetworks RealPlayer before 15.0.0 and Mac RealPlayer before 12.0.0.1703. A vulnerability in processing an invalid codec name could allow remote code execution. The advisory indicates exploitation requires user interaction (visiting a malicious page or opening a crafted f...
CVE-2011-4251
CVE-2011-4251 affects RealNetworks RealPlayer for Windows prior to 15.0.0. The flaw is in how RealPlayer decodes RealMedia RealAudio sample data, where a length read from the file is trusted to size a buffer, enabling memory corruption and remote code execution. Public advisories (ZDI, Red Hat, O...
CVE-2011-4250
CVE-2011-4250 affects RealNetworks RealPlayer (Windows <15.0.0; Mac
CVE-2011-4248
CVE-2011-4248 affects RealNetworks RealPlayer prior to 15.0.0, where parsing of AAC files can cause remote code execution. The root cause is a vulnerability in AAC/file parsing leading to buffer/data handling issues that could be exploited to run arbitrary code on the user’s system. Exploitation ...
CVE-2011-4245
The CVE-2011-4245 entry concerns RealNetworks RealPlayer's RealVideo renderer. Affected products are RealPlayer for Windows before 15.0.0 and Mac RealPlayer before 12.0.0.1703. The vulnerability allows remote attackers to execute arbitrary code or cause a denial of service via memory corruption, ...
CVE-2011-4244
CVE-2011-4244 affects RealNetworks RealPlayer before 15.0.0. The issue is a heap-based buffer overflow in the RealVideo renderer that allows remote attackers to execute arbitrary code via unspecified vectors. The provided documents consistently describe the vulnerable component (RealVideo rendere...
CVE-2011-4247
CVE-2011-4247 affects RealNetworks RealPlayer prior to 15.0.0. The vulnerability is a remote code execution flaw in how RealPlayer handles QCELP streams; a crafted QCELP stream can cause arbitrary code execution. Public disclosures (ZDI-12-092) state exploitation requires user interaction (visiti...
CVE-2011-4261
RealNetworks RealPlayer before 15.0.0 allows remote attackers to execute arbitrary code or cause a denial of service heap memory corruption via crafted video dimensions in an MP4 file...
CVE-2011-4254
RealNetworks RealPlayer before 15.0.0 is affected by CVE-2011-4254: a vulnerability in RTSP SETUP request handling that can lead to remote code execution. The ZDI advisory attributes this to a use-after-free condition during RTSP SETUP parsing, requiring a crafted request and potentially user int...
CVE-2011-4249
RealPlayer (Windows) before 15.0.0 is affected by CVE-2011-4249 due to an array index error in the RV30 codec during parsing of RV30 data, enabling remote code execution. ZDI notes the flaw allows code execution on vulnerable installations and requires user interaction (visiting a malicious page ...