CVE-2010-3751

Multiple heap-based buffer overflows in an ActiveX control in RealNetworks RealPlayer 11.0 through 11.1 and RealPlayer SP 1.0 through 1.1.4 allow remote attackers to execute arbitrary code via a long .smil argument to the 1 tfile, 2 pnmm, or 3 cdda protocol handler...

CVE-2010-3747

An ActiveX control in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.4, and RealPlayer Enterprise 2.1.2 does not properly initialize an unspecified object component during parsing of a CDDA URI, which allows remote attackers to execute arbitrary code or cause a denial of...

CVE-2010-3750

This CVE (CVE-2010-3750) affects RealNetworks RealPlayer 11.0–11.1, RealPlayer SP 1.0–1.1.4, and RealPlayer Enterprise 2.1.2. The issue is a heap-buffer interaction flaw in rjrmrpln.dll where file contents are not properly validated during parsing of Name Value Property (NVP) elements in logical ...

CVE-2010-3750

rjrmrpln.dll in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.4, and RealPlayer Enterprise 2.1.2 does not properly validate file contents that are used during interaction with a heap buffer, which allows remote attackers to execute arbitrary code via crafted Name Value...

CVE-2010-3749

The CVE-2010-3749 flaw affects RealNetworks RealPlayer 11.0–11.1 and RealPlayer SP 1.0–1.1, in the browser-plugin/ActiveX implementation for the RecordClip method. A specific argument containing a double-quote enables parameter injection that allows remote code execution: an attacker can craft a ...

CVE-2010-3747

CVE-2010-3747 affects RealNetworks RealPlayer ActiveX control; the vulnerability stems from uninitialized memory during parsing of CDDA URIs, allowing remote code execution or denial of service via a long URI. Affected products include RealPlayer 11.0–11.1, RealPlayer SP 1.0–1.1.4, and RealPlayer...

CERT Issues Advisory On RealPlayer Holes

US CERT has issued an advisory following the release, late last week, of a critical patch from RealNetworks for seven vulnerabilities in its common RealPlayer software. CERT recommended users and administrators to review the advisory from Realnetworks to determine which RealPlayer products were...

RealNetworks Releases Security Update for RealPlayer Vulnerabilities

RealNetworks has issued a Security Update to address multiple vulnerabilities affecting RealPlayer. Exploitation of these vulnerabilities may allow an attacker to execute arbitrary code. US-CERT encourages users and administrators to review the RealNetworks security advisory and apply any necessa...

RealNetworks RealPlayer RJMDSections Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of RealNetworks RealPlayer. User interaction is required in that a target must open a malicious website or media file. The specific flaw exists within the code responsible for parsing Name Value...

RealNetworks RealPlayer ActiveX Control CDDA URI Uninitialized Pointer Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of RealPlayer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists during the parsing of long CDDA URIs due to a failure...

RealNetworks Realplayer RecordClip Parameter Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of RealNetworks RealPlayer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists within the browser plugins provided by...

RealNetworks RealPlayer Malformed IVR Pointer Index Remote Code Execution Vulnerability

This vulnerability allows attackers to execute arbitrary code on vulnerable installations of RealNetworks RealPlayer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists when parsing a RealMed...

RealNetworks RealPlayer Multiple Protocol Handlers Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of RealNetworks RealPlayer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists within the RealPlayer ActiveX control...

RealNetworks RealPlayer RAM File Processing Buffer Overflow (CVE-2005-0755)

There is a heap buffer overflow vulnerability in the way that RealPlayer and RealOne Player handle input data. There are certain RealAudio specific text-based file types namely .RMP, .RAM, .SMIL, .RT, .RP that are used to facilitate the loading of RealAudio media files. A vulnerability exists in...

RealNetworks RealPlayer Buffer Overflow (CVE-2004-0258)

RealPlayer is a media player produced by RealNetworks, Inc. that supports a variety of open and proprietary multimedia stream and file formats. Versions of RealPlayer are available for most common platforms such as Windows, Linux, Solaris, etc. There exists a buffer overflow vulnerability in...

RealNetworks RealPlayer FLV Parsing Multiple Integer Overflows (CVE-2010-3000)

RealPlayer is a media player application developed by RealNetworks Inc. This application is capable of playing back numerous multimedia file formats and can open media files from local file system or network servers. RealPlayer has an extensible nature that allows it to handle different media fil...

RealNetworks RealPlayer Multiple Vulnerabilities (Windows)

This host is installed with RealPlayer which is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: gbrealnetwoksrealplayermultvulnwin.nasl 5373 2017-02-20 16:27:48Z teissa $ RealNetworks RealPlayer Multiple Vulnerabilities Windows Authors: Antu Sanadi Copyright: Copyright c 2010...

RealNetworks RealPlayer Multiple Vulnerabilities - Windows

RealPlayer is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

RealNetworks RealPlayer Multiple Vulnerabilities - Windows

RealPlayer is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

RealNetworks Releases Update to Address Vulnerabilities in RealPlayer

RealNetworks, Inc. has released an update for RealPlayer to address multiple vulnerabilities. These vulnerabilities may allow a remote, unauthenticated attacker to execute arbitrary code or obtain sensitive information. US-CERT encourages users and administrators to review the RealNetworks, Inc...