5 matches found
RealNetworks RealPlayer RecordClip Parameter Injection Code Execution (CVE-2010-3749)
RealNetworks RealPlayer is a cross-platform media player that supports multiple multimedia formats such as: MP3, MPEG-4, QuickTime, Windows Media, and RealAudio and RealVideo formats. RealPlayer contains many features including streaming capabilities, media browser, video download, and CD ripping...
RealNetworks RealPlayer Multiple Vulnerabilities (Dec 2010) - Windows
RealPlayer is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2010-3749
The CVE-2010-3749 flaw affects RealNetworks RealPlayer 11.0–11.1 and RealPlayer SP 1.0–1.1, in the browser-plugin/ActiveX implementation for the RecordClip method. A specific argument containing a double-quote enables parameter injection that allows remote code execution: an attacker can craft a ...
CVE-2010-3749
The browser-plugin implementation in RealNetworks RealPlayer 11.0 through 11.1 and RealPlayer SP 1.0 through 1.1 allows remote attackers to arguments to the RecordClip method, which allows remote attackers to download an arbitrary program onto a client machine, and execute this program, via a "...
RealPlayer for Windows < Build 12.0.0.879 Multiple Vulnerabilities
According to its build number, the installed version of RealPlayer on the remote Windows host has multiple buffer overflow vulnerabilities : - A RealPlayer malformed 'IVR' pointer index code execution vulnerability exists. CVE-2010-2996, CVE-2010-2998 - A RealPlayerActiveX unauthorized file acces...