Realplayer@10.5 Security Vulnerabilities and Issues — Page 2 of Realplayer@10.5 CVE List

Lucene search

RealnetworksRealplayer10.5

69 matches found

CVE•added 2007/10/20 8:17 p.m.•43 views

CVE-2007-5601

Stack-based buffer overflow in the Database Component in MPAMedia.dll in RealNetworks RealPlayer 10.5 and 11 beta, and earlier versions including 10, RealOne Player, and RealOne Player 2, allows remote attackers to execute arbitrary code via certain playlist names, as demonstrated via the import me...

9.3CVSS7.8AI score0.67392EPSS

CVE•added 2011/11/24 11:55 a.m.•43 views

CVE-2011-4249

Array index error in the RV30 codec in RealNetworks RealPlayer before 15.0.0 allows remote attackers to execute arbitrary code via unspecified vectors.

10CVSS7.8AI score0.0391EPSS

CVE•added 2012/05/18 6:55 p.m.•43 views

CVE-2012-2406

RealNetworks RealPlayer before 15.0.4.53, and RealPlayer SP 1.0 through 1.1.5, does not properly parse ASMRuleBook data in RealMedia files, which allows remote attackers to execute arbitrary code via a crafted file.

9.3CVSS7.7AI score0.04318EPSS

CVE•added 2013/08/27 3:34 a.m.•43 views

CVE-2013-4974

RealNetworks RealPlayer before 16.0.3.51, and RealPlayer SP 1.0 through 1.1.5, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a malformed RealMedia file.

9.3CVSS7.9AI score0.04931EPSS

CVE•added 2011/11/24 11:55 a.m.•42 views

CVE-2011-4257

The Cook codec in RealNetworks RealPlayer before 15.0.0 allows remote attackers to execute arbitrary code via crafted channel data.

9.3CVSS7.8AI score0.02764EPSS

CVE•added 2012/09/12 10:38 a.m.•42 views

CVE-2012-2407

Buffer overflow in RealNetworks RealPlayer before 15.0.6.14, RealPlayer SP 1.0 through 1.1.5, and Mac RealPlayer before 12.0.1.1750 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted AAC file that is not properly handled during stream-data u...

7.5CVSS7.7AI score0.00501EPSS

CVE•added 2012/09/12 10:38 a.m.•42 views

CVE-2012-2409

Buffer overflow in RealNetworks RealPlayer before 15.0.6.14, RealPlayer SP 1.0 through 1.1.5, and Mac RealPlayer before 12.0.1.1750 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted RealMedia file, a different vulnerability than CVE-2012-24...

7.5CVSS7.5AI score0.00501EPSS

CVE•added 2012/09/12 10:38 a.m.•42 views

CVE-2012-3234

RealNetworks RealPlayer before 15.0.6.14, RealPlayer SP 1.0 through 1.1.5, and Mac RealPlayer before 12.0.1.1750 do not properly handle codec frame sizes in RealAudio files, which allows remote attackers to cause a denial of service (divide-by-zero error and application crash) or possibly have unsp...

7.5CVSS7.4AI score0.0046EPSS

CVE•added 2005/02/06 5:0 a.m.•41 views

CVE-2005-0190

Directory traversal vulnerability in RealPlayer 10.5 (6.0.12.1040) and earlier allows remote attackers to delete arbitrary files via a Real Metadata Packages (RMP) file with a FILENAME tag containing .. (dot dot) sequences in a filename that ends with a ? (question mark) and an allowed file extensi...

2.6CVSS6.8AI score0.03112EPSS

CVE•added 2008/07/28 5:41 p.m.•41 views

CVE-2008-3064

Unspecified vulnerability in RealNetworks RealPlayer Enterprise, RealPlayer 10, and RealPlayer 10.5 before build 6.0.12.1675 has unknown impact and attack vectors, probably related to accessing local files, aka a "Local resource reference vulnerability."

10CVSS6.1AI score0.00709EPSS

CVE•added 2011/04/06 4:55 p.m.•41 views

CVE-2011-1525

Heap-based buffer overflow in rvrender.dll in RealNetworks RealPlayer 11.0 through 11.1 and 14.0.0 through 14.0.2, and RealPlayer SP 1.0 through 1.1.5, allows remote attackers to execute arbitrary code via a crafted frame in an Internet Video Recording (IVR) file.

9.3CVSS8.1AI score0.34532EPSS

CVE•added 2011/11/24 11:55 a.m.•41 views

CVE-2011-4250

Unspecified vulnerability in the ATRC codec in RealNetworks RealPlayer before 15.0.0 and Mac RealPlayer before 12.0.0.1703 allows remote attackers to execute arbitrary code via unknown vectors.

10CVSS7.6AI score0.05217EPSS

CVE•added 2011/11/24 11:55 a.m.•41 views

CVE-2011-4261

RealNetworks RealPlayer before 15.0.0 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via crafted video dimensions in an MP4 file.

9.3CVSS7.8AI score0.02518EPSS

CVE•added 2011/11/24 11:55 a.m.•40 views

CVE-2011-4258

RealNetworks RealPlayer before 15.0.0 allows remote attackers to execute arbitrary code via a crafted length of an MLTI chunk in an IVR file.

9.3CVSS7.6AI score0.02764EPSS

CVE•added 2011/11/24 11:55 a.m.•40 views

CVE-2011-4260

RealNetworks RealPlayer before 15.0.0 allows remote attackers to execute arbitrary code via a malformed header in an MP4 file.

9.3CVSS7.6AI score0.02764EPSS

CVE•added 2011/11/24 11:55 a.m.•39 views

CVE-2011-4246

The AAC codec in RealNetworks RealPlayer before 15.0.0 and Mac RealPlayer before 12.0.0.1703 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.

10CVSS8AI score0.05217EPSS

CVE•added 2006/12/27 1:28 a.m.•38 views

CVE-2006-6759

A certain ActiveX control in rpau3260.dll in RealNetworks RealPlayer 10.5 allows remote attackers to cause a denial of service (Internet Explorer crash) by invoking the RealPlayer.Initialize method with certain arguments.

5CVSS6.9AI score0.04236EPSS

CVE•added 2011/11/24 11:55 a.m.•37 views

CVE-2011-4254

RealNetworks RealPlayer before 15.0.0 allows remote attackers to execute arbitrary code via a crafted RTSP SETUP request.

10CVSS7.7AI score0.06372EPSS

CVE•added 2011/11/24 11:55 a.m.•36 views

CVE-2011-4252

The RV10 codec in RealNetworks RealPlayer before 15.0.0 and Mac RealPlayer before 12.0.0.1703 allows remote attackers to execute arbitrary code via a crafted sample height.

9.3CVSS7.5AI score0.02764EPSS

Total number of security vulnerabilities69