35 matches found
EUVD-2011-4200
Malware in sbrugna...
EUVD-2010-3000
Malware in sbrugna...
CVE-2011-4258
RealNetworks RealPlayer before 15.0.0 allows remote attackers to execute arbitrary code via a crafted length of an MLTI chunk in an IVR file...
CVE-2010-2998
Array index error in RealNetworks RealPlayer 11.0 through 11.1 and RealPlayer SP 1.0 through 1.0.1 allows remote attackers to execute arbitrary code via malformed sample data in a RealMedia .IVR file, related to a "malformed IVR pointer index" issue...
Denial Of Service (DoS) Via High CPU And Memory Consumption
FFmpeg is vulnerable to denial of service DoS attacks. These attacks are possible because FFmpeg does not check for an EOF End of File in the ivrreadheader function of libavformat/rmdec.c. This leads to high CPU and memory consumption when a malicious IVR file with a large len field in the header...
ALPINE-CVE-2017-14054
In libavformat/rmdec.c in FFmpeg 3.3.3, a DoS in ivrreadheader due to lack of an EOF End of File check might cause huge CPU consumption. When a crafted IVR file, which claims a large "len" field in the header but does not contain sufficient backing data, is provided, the first type==4 loop would...
CVE-2017-14054
In libavformat/rmdec.c in FFmpeg 3.3.3, a DoS in ivrreadheader due to lack of an EOF End of File check might cause huge CPU consumption. When a crafted IVR file, which claims a large "len" field in the header but does not contain sufficient backing data, is provided, the first type==4 loop would...
CVE-2017-14054
In libavformat/rmdec.c in FFmpeg 3.3.3, a DoS in ivrreadheader due to lack of an EOF End of File check might cause huge CPU consumption. When a crafted IVR file, which claims a large "len" field in the header but does not contain sufficient backing data, is provided, the first type==4 loop would...
CVE-2017-14054
In libavformat/rmdec.c in FFmpeg 3.3.3, a DoS in ivrreadheader due to lack of an EOF End of File check might cause huge CPU consumption. When a crafted IVR file, which claims a large "len" field in the header but does not contain sufficient backing data, is provided, the first type==4 loop would...
RealPlayer <= 14.0.1.633 Heap Overflow Vulnerability
No description provided by source. Luigi Auriemma Application: RealPlayer http://www.real.com Versions: = 14.0.1.633 Platforms: Windows, Macintosh OSX, Linux, Symbian, Palm Bug: heap overflow Exploitation: remote Date: 21 Mar 2011 found 17 Feb 2011 Author: Luigi Auriemma e-mail:...
FreePBX 'usersnum'参数远程命令执行漏洞
BUGTRAQ ID: 65756 FreePBX是开源Web PBX解决方案。 FreePBX 2.x版本和其他版本在实现上存在远程命令执行漏洞,攻击者可利用此漏洞在受影响应用上下文中执行任意命令。 0 FreePBX FreePBX 2.x 目前厂商还没有提供补丁或者升级程序,我们建议使用此软件的用户随时关注厂商的主页以获取最新版本: http://freepbx.org/trac Vulnerable function "recordingaddpage" @ admin/modules/recordings/page.recordings.php function...
RealNetworks RealPlayer rvrender RMFF Flags Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of RealNetworks RealPlayer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
Code injection
RealNetworks RealPlayer before 15.0.0 allows remote attackers to execute arbitrary code via a crafted length of an MLTI chunk in an IVR file...
CVE-2011-4258
RealNetworks RealPlayer before 15.0.0 allows remote attackers to execute arbitrary code via a crafted length of an MLTI chunk in an IVR file...
CVE-2011-4258
RealNetworks RealPlayer prior to 15.0.0 is affected by CVE-2011-4258 due to improper parsing of an IVR MLTI chunk length, allowing remote code execution. Exploitation typically requires user interaction (visit a malicious page or open a crafted file). Vendor advisory indicates the flaw is in the ...
RealPlayer for Windows < Build 12.0.1.647 Multiple Vulnerabilities
According to its build number, the installed version of RealPlayer on the remote Windows host is affected by multiple vulnerabilities : - The OpenURLInDefaultBrowser method will open and execute the first parameter based on the operating system's default handler for the filetype and is accessible...
RealNetworks RealPlayer IVR File Processing Buffer Overflow Vulnerability - Windows
RealPlayer is prone to a buffer overflow vulnerability. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2011-1525
Heap-based buffer overflow in rvrender.dll in RealNetworks RealPlayer 11.0 through 11.1 and 14.0.0 through 14.0.2, and RealPlayer SP 1.0 through 1.1.5, allows remote attackers to execute arbitrary code via a crafted frame in an Internet Video Recording IVR file...
CVE-2011-1525
RealPlayer is affected by a heap-based buffer overflow in rvrender.dll that can be triggered by a crafted IVR file to execute arbitrary code remotely. Vulnerable products include RealPlayer 11.0–11.1 and 14.0.0–14.0.2, and RealPlayer SP 1.0–1.1.5. The issue arises from processing IVR frames and h...
RealNetworks RealPlayer Multiple Vulnerabilities (Windows) - Dec10
This host is installed with RealPlayer which is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: gbrealplayermultvulnwin03dec10.nasl 5373 2017-02-20 16:27:48Z teissa $ RealNetworks RealPlayer Multiple Vulnerabilities Windows - Dec10 Authors: Sooraj KS Updated By: Sooraj KS on...