CVE-2008-5911

RealNetworks Helix Server (and Helix Mobile Server) versions 11.x before 11.1.8 and 12.x before 12.0.1 are affected by multiple buffer overflow vulnerabilities triggered by RTSP requests. The CVE-2008-5911 entry covers issues including heap overflow via RTSP SETUP, DESCRIBE, and NTLM authenticati...

CVE-2008-5911

Multiple buffer overflows in RealNetworks Helix Server and Helix Mobile Server 11.x before 11.1.8 and 12.x before 12.0.1 allow remote attackers to 1 cause a denial of service via three crafted RTSP SETUP commands, or execute arbitrary code via 2 an NTLM authentication request with malformed...

RealNetworks Helix DNA Server RTSP DESCRIBE Heap Overflow Vulnerability

This vulnerability allows attackers to execute arbitrary code on vulnerable installations of RealNetworks Helix Server. User interaction is not required to exploit this vulnerability. Authentication is not required to exploit this vulnerability. The specific flaw exists within the rmserver.exe...

RealNetworks Helix Server DataConvertBuffer Heap Overflow Vulnerability

This vulnerability allows attackers to execute arbitrary code on vulnerable installations of RealNetworks Helix Server. Authentication is not required to exploit this vulnerability. The specific flaw exists while processing malformed base64 encoded data from a SETPARAMETER command containing the...

RealNetworks Helix Server NTLM Authentication Malformed Base64 Heap Overflow Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on systems with vulnerable installations of RealNetworks Helix Server. Authentication is not required to exploit this vulnerability. The specific flaw exists during NTLM negotiation. The function responsible for decoding Base64...

FreeBSD Ports: linux-realplayer

The remote host is missing an update to the system as announced in the referenced advisory. VID 25858c37-bdab-11da-b7d4-00123ffe8333 OpenVAS Vulnerability Test $ Description: Auto generated from vuxml or freebsd advisories Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...

FreeBSD Ports: linux-realplayer

The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

FreeBSD Ports: linux-realplayer

The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

RealNetworks RealPlayer ActiveX Illegal Resource Reference Vulnerability

CVE-2008-3064 An illegal resource reference vulnerability exists in the ActiveX Control of RealNetworks RealPlayer. For exploiting the vulnerability, the attacker may build a special web page and entrap the victim into visiting it, if the local system has installed RealPlayer, the local resources...

RealNetworks RealPlayer ActiveX Illegal Resource Reference Vulnerability

RealNetworks RealPlayer ActiveX Illegal Resource Reference Vulnerability by cocoruderfrankruderathotmail.com http://ruder.cdut.net Summary: An illegal resource reference vulnerability exists in the ActiveX Control of RealNetworks RealPlayer. For exploiting the vulnerability, the attacker may buil...

Preemptive Protection against RealNetworks RealPlayer ActiveX Import Method Buffer Overflow Vulnerability

A buffer overflow vulnerability has been reported in RealNetworks RealPlayer application. RealNetworks RealPlayer and RealOne Player are media player applications that are capable of playing back numerous multimedia file formats. A remote attacker may exploit this issue to execute arbitrary code ...

Stack overflow

Stack-based buffer overflow in a certain ActiveX control in rjbdll.dll in RealNetworks RealPlayer Enterprise, RealPlayer 10, and RealPlayer 10.5 before build 6.0.12.1675 allows remote attackers to execute arbitrary code by importing a file into a media library and then deleting this file...

Heap overflow

Heap-based buffer overflow in the Shockwave Flash SWF frame handling in RealNetworks RealPlayer 10.5 Build 6.0.12.1483 might allow remote attackers to execute arbitrary code via a crafted SWF file...

Design/Logic Flaw

Unspecified vulnerability in RealNetworks RealPlayer Enterprise, RealPlayer 10, and RealPlayer 10.5 before build 6.0.12.1675 has unknown impact and attack vectors, probably related to accessing local files, aka a "Local resource reference vulnerability."...

CVE-2008-3066

Stack-based buffer overflow in a certain ActiveX control in rjbdll.dll in RealNetworks RealPlayer Enterprise, RealPlayer 10, and RealPlayer 10.5 before build 6.0.12.1675 allows remote attackers to execute arbitrary code by importing a file into a media library and then deleting this file...

CVE-2008-3064

Unspecified vulnerability in RealNetworks RealPlayer Enterprise, RealPlayer 10, and RealPlayer 10.5 before build 6.0.12.1675 has unknown impact and attack vectors, probably related to accessing local files, aka a "Local resource reference vulnerability."...

CVE-2007-5400

Heap-based buffer overflow in the Shockwave Flash SWF frame handling in RealNetworks RealPlayer 10.5 Build 6.0.12.1483 might allow remote attackers to execute arbitrary code via a crafted SWF file...

CVE-2008-3064

Unspecified vulnerability in RealNetworks RealPlayer Enterprise, RealPlayer 10, and RealPlayer 10.5 before build 6.0.12.1675 has unknown impact and attack vectors, probably related to accessing local files, aka a "Local resource reference vulnerability."...

CVE-2008-3064

CVE-2008-3064 concerns an illegal resource reference vulnerability in RealNetworks RealPlayer ActiveX control. RealPlayer 10.x (and RealPlayer Enterprise) prior to build 6.0.12.1675 is affected. The underlying issue is an illegal resource reference that, when a user visits a crafted page with Rea...

RealNetworks RealPlayer SWF文件处理堆溢出漏洞

BUGTRAQ ID: 30370 CVECAN ID: CVE-2007-5400 RealPlayer是一款流行的多媒体播放器。 RealPlayer没有正确地处理Shockwave Flash（SWF）文件中的帧，如果用户受骗打开了恶意的SWF文件的话，就可以触发堆溢出，导致执行任意指令。 Real Networks RealPlayer 10.5 Build 6.0.12.1483 Real Networks ------------- 目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载：...