1046 matches found
CVE-2007-2264
Heap-based buffer overflow in RealNetworks RealPlayer 8, 10, 10.1, and possibly 10.5; RealOne Player 1 and 2; and RealPlayer Enterprise allows remote attackers to execute arbitrary code via a RAM .ra or .ram file with a large size value in the RA header...
CVE-2007-4599
Stack-based buffer overflow in RealNetworks RealPlayer 10 and possibly 10.5, and RealOne Player 1 and 2, for Windows allows remote attackers to execute arbitrary code via a crafted playlist PLS file...
CVE-2007-5080
Integer overflow in RealNetworks RealPlayer 10 and 10.5, RealOne Player 1, and RealPlayer Enterprise for Windows allows remote attackers to execute arbitrary code via a crafted Lyrics3 2.00 tag in an MP3 file, resulting in a heap-based buffer overflow...
CVE-2007-5081
Heap-based buffer overflow in RealNetworks RealPlayer 8, 10, 10.1, and possibly 10.5; RealOne Player 1 and 2; and RealPlayer Enterprise allows remote attackers to execute arbitrary code via a crafted RM file...
CVE-2007-2264
Heap-based buffer overflow in RealNetworks RealPlayer 8, 10, 10.1, and possibly 10.5; RealOne Player 1 and 2; and RealPlayer Enterprise allows remote attackers to execute arbitrary code via a RAM .ra or .ram file with a large size value in the RA header...
CVE-2007-2263
CVE-2007-2263 describes a heap-based buffer overflow in RealNetworks RealPlayer/RealOne/HelixPlayer when processing SWF files with malformed record headers, allowing remote code execution. The underlying flaw is in how RealPlayer’s SWF parsing handles header records, enabling an attacker to craft...
CVE-2007-5081
CVE-2007-5081 is a remote-code-execution heap overflow in RealNetworks RealPlayer/RealOne and RealPlayer Enterprise, triggered by crafted RM files. Affected: RealPlayer 8, 10, 10.1, and possibly 10.5; RealOne Player 1 and 2; RealPlayer Enterprise. Root cause: boundary/size handling in RM processi...
CVE-2007-5080
CVE-2007-5080 : Multiple RealNetworks RealPlayer family components (RealPlayer 10/10.5, RealOne Player 1, RealPlayer Enterprise) on Windows are affected by a heap-based buffer overflow triggered while processing Lyrics3 2.00 tags in MP3 files. The vulnerability would allow a remote attacker to ex...
CVE-2007-2264
The CVE-2007-2264 issue is a heap overflow in RealNetworks RealPlayer/RealOne/HelixPlayer when processing RA/RAM headers with an overly large size field. Affected products include RealPlayer 8, 10, 10.1 (and possibly 10.5), RealOne Player 1 and 2, and RealPlayer Enterprise. The underlying cause i...
CVE-2007-2263
Heap-based buffer overflow in RealNetworks RealPlayer 10.0, 10.1, and possibly 10.5, RealOne Player, and RealPlayer Enterprise allows remote attackers to execute arbitrary code via an SWF Flash file with malformed record headers...
Heap overflow in RealPlayer ID3 tag parser
======= Summary ======= Name: Heap overflow in RealPlayer ID3 tag parsing code Release Date: 29 October 2007 Reference: NGS00432 Discover: John Heasman [email protected] Vendor: RealNetworks Systems Affected: Several builds of RealPlayer 10.5, All builds of RealPlayer 10. For additional affect...
RealNetworks RealPlayer PLS File Memory Corruption Vulnerability
This vulnerability allows remote attackers to execute code on vulnerable installations of RealPlayer. User interaction is required in that a user must open a malicious .pls file or visit a malicious web site. The specific flaw exists during the parsing of corrupted playlist files. Malicious...
RealPlayer ActiveX control playlist name buffer overflow
Added: 10/25/2007 CVE: CVE-2007-5601 BID: 26130 OSVDB: 41430 Background RealPlayer and RealOne Player include a number of ActiveX controls allowing functions to be called by scripts embedded in web pages. Problem The RealPlayer Database Component MPAMedia.dll is affected by a buffer overflow...
US-CERT Technical Cyber Security Alert TA07-297A -- RealNetworks RealPlayer ActiveX Playlist Buffer Overflow
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 National Cyber Alert System Technical Cyber Security Alert TA07-297A RealNetworks RealPlayer ActiveX Playlist Buffer Overflow Original release date: October 24, 2007 Last revised: -- Source: US-CERT Systems Affected Windows systems with RealPlayer 11...
RealPlayer ActiveX control playlist name buffer overflow
Added: 10/25/2007 CVE: CVE-2007-5601 BID: 26130 OSVDB: 41430 Background RealPlayer and RealOne Player include a number of ActiveX controls allowing functions to be called by scripts embedded in web pages. Problem The RealPlayer Database Component MPAMedia.dll is affected by a buffer overflow...
RealPlayer ActiveX control playlist name buffer overflow
Added: 10/25/2007 CVE: CVE-2007-5601 BID: 26130 OSVDB: 41430 Background RealPlayer and RealOne Player include a number of ActiveX controls allowing functions to be called by scripts embedded in web pages. Problem The RealPlayer Database Component MPAMedia.dll is affected by a buffer overflow...
RealPlayer ActiveX control playlist name buffer overflow
Added: 10/25/2007 CVE: CVE-2007-5601 BID: 26130 OSVDB: 41430 Background RealPlayer and RealOne Player include a number of ActiveX controls allowing functions to be called by scripts embedded in web pages. Problem The RealPlayer Database Component MPAMedia.dll is affected by a buffer overflow...
Stack overflow
Stack-based buffer overflow in the Database Component in MPAMedia.dll in RealNetworks RealPlayer 10.5 and 11 beta, and earlier versions including 10, RealOne Player, and RealOne Player 2, allows remote attackers to execute arbitrary code via certain playlist names, as demonstrated via the import...
CVE-2007-5601
Stack-based buffer overflow in the Database Component in MPAMedia.dll in RealNetworks RealPlayer 10.5 and 11 beta, and earlier versions including 10, RealOne Player, and RealOne Player 2, allows remote attackers to execute arbitrary code via certain playlist names, as demonstrated via the import...
CVE-2007-5601
Stack-based buffer overflow in the Database Component in MPAMedia.dll in RealNetworks RealPlayer 10.5 and 11 beta, and earlier versions including 10, RealOne Player, and RealOne Player 2, allows remote attackers to execute arbitrary code via certain playlist names, as demonstrated via the import...