25 matches found
EUVD-2005-0349
Malware in sbrugna...
EUVD-2011-5253
Malware in sbrugna...
EUVD-2005-0348
Malware in sbrugna...
CVE-2011-10028
The RealNetworks RealArcade platform includes an ActiveX control InstallerDlg.dll, version 2.6.0.445 that exposes a method named Exec via the StubbyUtil.ProcessMgr COM object. This method allows remote attackers to execute arbitrary commands on a victim's Windows machine without proper validation...
CVE-2011-10028
The RealNetworks RealArcade platform includes an ActiveX control InstallerDlg.dll, version 2.6.0.445 that exposes a method named Exec via the StubbyUtil.ProcessMgr COM object. This method allows remote attackers to execute arbitrary commands on a victim's Windows machine without proper validation...
CVE-2011-10028
The RealNetworks RealArcade platform includes an ActiveX control InstallerDlg.dll, version 2.6.0.445 that exposes a method named Exec via the StubbyUtil.ProcessMgr COM object. This method allows remote attackers to execute arbitrary commands on a victim's Windows machine without proper validation...
CVE-2011-10028 RealNetworks Arcade Games StubbyUtil.ProcessMgr ActiveX Arbitrary Code Execution
The RealNetworks RealArcade platform includes an ActiveX control InstallerDlg.dll, version 2.6.0.445 that exposes a method named Exec via the StubbyUtil.ProcessMgr COM object. This method allows remote attackers to execute arbitrary commands on a victim's Windows machine without proper validation...
CVE-2011-10028
CVE-2011-10028 affects RealArcade/RealNetworks RealArcade platform via an ActiveX control (InstallerDlg.dll, 2.6.0.445) exposing Exec through StubbyUtil.ProcessMgr COM. The method allows remote attackers to execute arbitrary commands on a Windows machine without proper validation or restrictions....
CVE-2011-10028 RealNetworks Arcade Games StubbyUtil.ProcessMgr ActiveX Arbitrary Code Execution
The RealNetworks RealArcade platform includes an ActiveX control InstallerDlg.dll, version 2.6.0.445 that exposes a method named Exec via the StubbyUtil.ProcessMgr COM object. This method allows remote attackers to execute arbitrary commands on a victim's Windows machine without proper validation...
PT-2025-34109 · Undefined · Undefined
The RealNetworks RealArcade platform includes an ActiveX control InstallerDlg.dll, version 2.6.0.445 that exposes a method named Exec via the StubbyUtil.ProcessMgr COM object. This method allows remote attackers to execute arbitrary commands on a victim's Windows machine without proper validation...
RealNetworks RealArcade 安全漏洞
RealNetworks RealArcade is a gaming service from RealNetworks USA. A security vulnerability exists in RealNetworks RealArcade that stems from an ActiveX control exposing the Exec method, which could lead to the execution of arbitrary commands...
CVE-2013-2604
RealNetworks GameHouse RealArcade Installer aka ActiveMARK Game Installer 2.6.0.481 and 3.0.7 uses weak permissions Create Files/Write Data for the GameHouse Games directory tree, which allows local users to gain privileges via a Trojan horse DLL in an individual game's directory, as demonstrated...
Type confusion
The RACInstaller.StateCtrl.1 ActiveX control in InstallerDlg.dll in RealNetworks GameHouse RealArcade Installer 2.6.0.481 performs unexpected type conversions for invalid parameter types, which allows remote attackers to execute arbitrary code or cause a denial of service use-after-free via craft...
CVE-2013-2603
The RACInstaller.StateCtrl.1 ActiveX control in InstallerDlg.dll in RealNetworks GameHouse RealArcade Installer 2.6.0.481 performs unexpected type conversions for invalid parameter types, which allows remote attackers to execute arbitrary code or cause a denial of service use-after-free via craft...
CVE-2013-2604
CVE-2013-2604 affects RealNetworks GameHouse RealArcade Installer (ActiveMARK Game Installer) 2.6.0.481 and 3.0.7. The weakness is permissions in the GameHouse Games directory tree that allow local users to place a Trojan horse DLL (e.g., DDRAW.DLL) in an individual game’s directory, enabling pri...
realnetworks realarcade 1.2 .0.994 Multiple Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/12494/info Multiple remote vulnerabilities reportedly affect RealNetworks RealArcade. The first issue allows for arbitrary file deletion due to an input validation issue. The second issue is an integer overflow issue...
CVE-2005-0347
Integer overflow in RealArcade 1.2.0.994 and earlier allows remote attackers to execute arbitrary code via an RGS file with an invalid size string for the GUID and game name, which leads to a buffer overflow...
CVE-2005-0348
Directory traversal vulnerability in RealArcade 1.2.0.994 allows remote attackers to delete arbitrary files via an RGP file with a .. dot dot in the FILENAME tag...
rna_deleter.rgp
RealArcade download My Games 06/13/2001 10:51 RealArcade RealNetworks http://www.real.com Copyright 2001, RealNetworks [email protected] RealGames Server RealGames Server games-dl.real.com /gameconsole/games/demorgses/%f Not used in Beta1 Flux 950258D1-7ABD-4afc-8886-449B98CE8224 1.0 Demo RGI...
CVE-2005-0348
The CVE-2005-0348 entry concerns RealArcade 1.2.0.994 and describes a directory-traversal vulnerability. An attacker can use an RGP file containing .. in the FILENAME tag to delete arbitrary files remotely. Public details in CVE descriptions (NVD/CVE pages) confirm the affected software version a...