1046 matches found
CVE-2011-2945
RealPlayer (Windows) is affected by CVE-2011-2945 due to a heap-based buffer overflow in SIPR within RealPlayer 11.0–11.1 and 14.0.0–14.0.5. This allows remote code execution via a crafted SIPR stream. Public sources confirm the vulnerability and CVE mapping, but none of the connected documents p...
CVE-2011-2947
Cross-zone scripting vulnerability in the RealPlayer ActiveX control in RealNetworks RealPlayer 11.0 through 11.1 and 14.0.0 through 14.0.5 and RealPlayer SP 1.0 through 1.1.5 allows remote attackers to inject arbitrary web script or HTML in the Local Zone via a local HTML document...
CVE-2011-2951
CVE-2011-2951 describes a buffer overflow in RealNetworks RealPlayer affecting multiple versions (RealPlayer 11.0–11.1, 14.0.0–14.0.5; RealPlayer SP 1.0–1.1.5; Mac RealPlayer 12.0.0.1569) that can allow remote code execution via a crafted raw_data_frame field in an AAC file. Root cause: improper ...
RealNetworks Realplayer multiple security vulnerabilities
QCP, AAC, MP3, SWF, SIPR parsing memory corruptions, crossite scripting, unsafe methods and buffer overflow in ActiveX...
ZDI-11-265: RealNetworks Realplayer QCP Parsing Remote Code Execution Vulnerability
ZDI-11-265: RealNetworks Realplayer QCP Parsing Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-265 August 16, 2011 -- CVE ID: CVE-2011-2950 -- CVSS: 9, AV:N/AC:L/Au:N/C:P/I:P/A:C -- Affected Vendors: RealNetworks -- Affected Products: RealNetworks RealPlaye...
RealNetworks Realplayer QCP Parsing Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of RealNetworks RealPlayer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within...
RealNetworks RealPlayer SWF DefineFont Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of RealNetworks RealPlayer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the way...
RealNetworks RealPlayer Cross-Zone Scripting Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of RealNetworks RealPlayer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists due to the fact...
RealNetworks Realplayer MP3 ID3 tags Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of RealNetworks Realplayer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the way...
RealNetworks RealPlayer Advanced Audio Coding Element Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of RealNetworks Real Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists due to the...
RealNetworks RealPlayer IVR Handling Heap Buffer Overflow
A heap buffer overflow vulnerability has been reported in RealNetworks RealPlayer. RealPlayer is a media player developed by RealNetworks, Inc. The application is capable of playing back numerous formats of multimedia files. Successful exploitation of this vulnerability may enable an attacker to...
RealNetworks RealGames StubbyUtil.ProcessMgr ActiveX Command Execution
The vulnerable application is part of My Farm Life's a game provided by RealNetworks' GameHouse setup file Multiple remote command execution vulnerabilities have been reported in RealNetworks RealGames StubbyUtil.ProcessMgr ActiveX control. The vulnerabilities are due to design flaws in four...
Vulnerability in RealNetworks RealPlayer Could Allow Remote Code Execution
Executive Summary Microsoft is providing notification of the discovery and remediation of a vulnerability affecting RealNetworks RealPlayer SP version 1.1.4 and earlier and RealPlayer 11.1 and earlier. Microsoft discovered and disclosed the vulnerability under coordinated vulnerability disclosure...
Vulnerability in RealNetworks RealPlayer RichFX Component Could Allow Remote Code Execution
Executive Summary Microsoft is providing notification of the discovery and remediation of a vulnerability affecting RealNetworks RealPlayer SP version 1.1.4 and earlier, RealPlayer 11.1 and earlier, and RealPlayer Enterprise 2.1.2 and earlier. Microsoft discovered and disclosed the vulnerability...
RealNetworks RealPlayer 'OpenURLInDefaultBrowser()' Code Execution Vulnerability (Windows)
This host is installed with RealPlayer which is prone to Code Execution Vulnerability. OpenVAS Vulnerability Test $Id: gbrealplayercodeexecvulnwin.nasl 7015 2017-08-28 11:51:24Z teissa $ RealNetworks RealPlayer 'OpenURLInDefaultBrowser' Code Execution Vulnerability Windows Authors: Madhuri D...
CVE-2011-1426
The OpenURLInDefaultBrowser method in RealNetworks RealPlayer 11.0 through 11.1 and 14.0.0 through 14.0.2, and RealPlayer SP 1.0 through 1.1.5, launches a default handler for the filename specified in the first argument, which allows remote attackers to execute arbitrary code via a .rnx filename...
Open redirect
The OpenURLInDefaultBrowser method in RealNetworks RealPlayer 11.0 through 11.1 and 14.0.0 through 14.0.2, and RealPlayer SP 1.0 through 1.1.5, launches a default handler for the filename specified in the first argument, which allows remote attackers to execute arbitrary code via a .rnx filename...
CVE-2011-1426
The OpenURLInDefaultBrowser method in RealNetworks RealPlayer 11.0 through 11.1 and 14.0.0 through 14.0.2, and RealPlayer SP 1.0 through 1.1.5, launches a default handler for the filename specified in the first argument, which allows remote attackers to execute arbitrary code via a .rnx filename...
CVE-2011-1426
RealNetworks RealPlayer OpenURLInDefaultBrowser vulnerability (CVE-2011-1426) affects RealPlayer 11.0–11.1 and 14.0.0–14.0.2, and RealPlayer SP 1.0–1.1.5. The OpenURLInDefaultBrowser() method launches the system default handler for the first argument’s filename, enabling remote attackers to execu...
RealNetworks RealPlayer code execution
Code execution via .rnx files...