Realplayer@11.0.3 Security Vulnerabilities and Issues — Page 2 of Realplayer@11.0.3 CVE List

Lucene search

RealnetworksRealplayer11.0.3

85 matches found

CVE•added 2012/05/18 6:55 p.m.•43 views

CVE-2012-2406

RealNetworks RealPlayer before 15.0.4.53, and RealPlayer SP 1.0 through 1.1.5, does not properly parse ASMRuleBook data in RealMedia files, which allows remote attackers to execute arbitrary code via a crafted file.

9.3CVSS7.7AI score0.04318EPSS

CVE•added 2013/08/27 3:34 a.m.•43 views

CVE-2013-4974

RealNetworks RealPlayer before 16.0.3.51, and RealPlayer SP 1.0 through 1.1.5, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a malformed RealMedia file.

9.3CVSS7.9AI score0.04931EPSS

CVE•added 2010/12/14 4:0 p.m.•42 views

CVE-2010-2579

The cook codec in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.4, RealPlayer Enterprise 2.1.2, Mac RealPlayer 11.0 through 11.1, and Linux RealPlayer 11.0.2.1744 does not properly initialize the number of channels, which allows attackers to obtain unspecified "memory acc...

5CVSS6.3AI score0.00237EPSS

CVE•added 2010/12/14 4:0 p.m.•42 views

CVE-2010-4382

Multiple heap-based buffer overflows in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.4, RealPlayer Enterprise 2.1.2, Linux RealPlayer 11.0.2.1744, and possibly HelixPlayer 1.0.6 and other versions, allow remote attackers to have an unspecified impact via a crafted RealMe...

9.3CVSS6.7AI score0.01304EPSS

CVE•added 2010/12/14 4:0 p.m.•42 views

CVE-2010-4386

RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.4, Linux RealPlayer 11.0.2.1744, and possibly HelixPlayer 1.0.6 and other versions, allow remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a crafted RealMedia video file.

9.3CVSS7.7AI score0.04105EPSS

CVE•added 2010/12/14 4:0 p.m.•42 views

CVE-2010-4390

Multiple heap-based buffer overflows in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.5, and Linux RealPlayer 11.0.2.1744 allow remote attackers to have an unspecified impact via a crafted header in an IVR file.

9.3CVSS6.8AI score0.01348EPSS

CVE•added 2011/11/24 11:55 a.m.•42 views

CVE-2011-4257

The Cook codec in RealNetworks RealPlayer before 15.0.0 allows remote attackers to execute arbitrary code via crafted channel data.

9.3CVSS7.8AI score0.02764EPSS

CVE•added 2012/02/08 3:55 p.m.•42 views

CVE-2012-0922

rvrender.dll in RealNetworks RealPlayer 11.x, 14.x, and 15.x before 15.02.71, and RealPlayer SP 1.0 through 1.1.5, allows remote attackers to execute arbitrary code via crafted flags in an RMFF file.

9.3CVSS7.7AI score0.04552EPSS

CVE•added 2012/02/08 3:55 p.m.•42 views

CVE-2012-0924

RealNetworks RealPlayer 11.x, 14.x, and 15.x before 15.02.71, and RealPlayer SP 1.0 through 1.1.5, allows remote attackers to execute arbitrary code via vectors involving a VIDOBJ_START_CODE code in a header within a video stream.

9.3CVSS7.6AI score0.03385EPSS

CVE•added 2012/09/12 10:38 a.m.•42 views

CVE-2012-2407

Buffer overflow in RealNetworks RealPlayer before 15.0.6.14, RealPlayer SP 1.0 through 1.1.5, and Mac RealPlayer before 12.0.1.1750 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted AAC file that is not properly handled during stream-data u...

7.5CVSS7.7AI score0.00501EPSS

CVE•added 2012/09/12 10:38 a.m.•42 views

CVE-2012-2409

Buffer overflow in RealNetworks RealPlayer before 15.0.6.14, RealPlayer SP 1.0 through 1.1.5, and Mac RealPlayer before 12.0.1.1750 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted RealMedia file, a different vulnerability than CVE-2012-24...

7.5CVSS7.5AI score0.00501EPSS

CVE•added 2012/09/12 10:38 a.m.•42 views

CVE-2012-3234

RealNetworks RealPlayer before 15.0.6.14, RealPlayer SP 1.0 through 1.1.5, and Mac RealPlayer before 12.0.1.1750 do not properly handle codec frame sizes in RealAudio files, which allows remote attackers to cause a denial of service (divide-by-zero error and application crash) or possibly have unsp...

7.5CVSS7.4AI score0.0046EPSS

CVE•added 2010/12/14 4:0 p.m.•41 views

CVE-2010-4385

Integer overflow in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.4, RealPlayer Enterprise 2.1.2, Linux RealPlayer 11.0.2.1744, and possibly HelixPlayer 1.0.6 and other versions, allows remote attackers to have an unspecified impact via crafted frame dimensions in an SIPR...

9.3CVSS7AI score0.00992EPSS

CVE•added 2011/04/06 4:55 p.m.•41 views

CVE-2011-1525

Heap-based buffer overflow in rvrender.dll in RealNetworks RealPlayer 11.0 through 11.1 and 14.0.0 through 14.0.2, and RealPlayer SP 1.0 through 1.1.5, allows remote attackers to execute arbitrary code via a crafted frame in an Internet Video Recording (IVR) file.

9.3CVSS8.1AI score0.34532EPSS

CVE•added 2011/11/24 11:55 a.m.•41 views

CVE-2011-4250

Unspecified vulnerability in the ATRC codec in RealNetworks RealPlayer before 15.0.0 and Mac RealPlayer before 12.0.0.1703 allows remote attackers to execute arbitrary code via unknown vectors.

10CVSS7.6AI score0.05217EPSS

CVE•added 2011/11/24 11:55 a.m.•41 views

CVE-2011-4261

RealNetworks RealPlayer before 15.0.0 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via crafted video dimensions in an MP4 file.

9.3CVSS7.8AI score0.02518EPSS

CVE•added 2012/02/08 3:55 p.m.•41 views

CVE-2012-0925

Unspecified vulnerability in the RV40 codec in RealNetworks RealPlayer 11.x, 14.x, and 15.x before 15.02.71, and RealPlayer SP 1.0 through 1.1.5, allows remote attackers to execute arbitrary code via a crafted RV40 RealVideo video stream.

9.3CVSS7.7AI score0.04552EPSS

CVE•added 2010/12/14 4:0 p.m.•40 views

CVE-2010-4387

The RealAudio codec in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.4, Mac RealPlayer 11.0 through 12.0.0.1444, and Linux RealPlayer 11.0.2.1744 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a crafted audio st...

9.3CVSS7.7AI score0.02647EPSS

CVE•added 2010/12/14 4:0 p.m.•40 views

CVE-2010-4395

Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.5, and Linux RealPlayer 11.0.2.1744 allows remote attackers to execute arbitrary code via a crafted conditional component in AAC frame data.

9.3CVSS8AI score0.06898EPSS

CVE•added 2010/12/14 4:0 p.m.•40 views

CVE-2010-4396

Cross-zone scripting vulnerability in the HandleAction method in a certain ActiveX control in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.5, and RealPlayer Enterprise 2.1.2 allows remote attackers to inject arbitrary web script or HTML in the Local Zone by specifying a ...

4.3CVSS6AI score0.00285EPSS

CVE•added 2010/12/14 4:0 p.m.•40 views

CVE-2010-4397

Integer overflow in the pnen3260.dll module in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.1, Mac RealPlayer 11.0 through 11.1, and Linux RealPlayer 11.0.2.1744 allows remote attackers to execute arbitrary code via a crafted TIT2 atom in an AAC file.

9.3CVSS7.8AI score0.02624EPSS

CVE•added 2011/11/24 11:55 a.m.•40 views

CVE-2011-4258

RealNetworks RealPlayer before 15.0.0 allows remote attackers to execute arbitrary code via a crafted length of an MLTI chunk in an IVR file.

9.3CVSS7.6AI score0.02764EPSS

CVE•added 2011/11/24 11:55 a.m.•40 views

CVE-2011-4260

RealNetworks RealPlayer before 15.0.0 allows remote attackers to execute arbitrary code via a malformed header in an MP4 file.

9.3CVSS7.6AI score0.02764EPSS

CVE•added 2012/02/08 3:55 p.m.•40 views

CVE-2012-0923

The RV20 codec in RealNetworks RealPlayer 11.x, 14.x, and 15.x before 15.02.71, and RealPlayer SP 1.0 through 1.1.5, does not properly handle the frame size array, which allows remote attackers to execute arbitrary code via a crafted RV20 RealVideo video stream.

9.3CVSS7.7AI score0.04367EPSS

CVE•added 2012/02/08 3:55 p.m.•40 views

CVE-2012-0928

The ATRAC codec in RealNetworks RealPlayer 11.x and 14.x through 14.0.7, RealPlayer SP 1.0 through 1.1.5, and Mac RealPlayer 12.x before 12.0.0.1703 does not properly decode samples, which allows remote attackers to execute arbitrary code via a crafted ATRAC audio file.

9.3CVSS7.5AI score0.03378EPSS

CVE•added 2010/12/14 4:0 p.m.•39 views

CVE-2010-0121

The cook codec in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.5, Mac RealPlayer 11.0 through 12.0.0.1444, and Linux RealPlayer 11.0.2.1744 does not properly perform initialization, which has unspecified impact and attack vectors.

10CVSS6.5AI score0.00404EPSS

CVE•added 2010/12/14 4:0 p.m.•39 views

CVE-2010-0125

RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.4, RealPlayer Enterprise 2.1.2, and Mac RealPlayer 11.0 through 12.0.0.1444 do not properly parse spectral data in AAC files, which has unspecified impact and remote attack vectors.

10CVSS6.7AI score0.00404EPSS

CVE•added 2010/10/19 12:0 a.m.•39 views

CVE-2010-3749

The browser-plugin implementation in RealNetworks RealPlayer 11.0 through 11.1 and RealPlayer SP 1.0 through 1.1 allows remote attackers to arguments to the RecordClip method, which allows remote attackers to download an arbitrary program onto a client machine, and execute this program, via a " (do...

9.3CVSS6.9AI score0.05823EPSS

CVE•added 2011/11/24 11:55 a.m.•39 views

CVE-2011-4246

The AAC codec in RealNetworks RealPlayer before 15.0.0 and Mac RealPlayer before 12.0.0.1703 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.

10CVSS8AI score0.05217EPSS

CVE•added 2010/10/19 12:0 a.m.•38 views

CVE-2010-3750

rjrmrpln.dll in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.4, and RealPlayer Enterprise 2.1.2 does not properly validate file contents that are used during interaction with a heap buffer, which allows remote attackers to execute arbitrary code via crafted Name Value Pr...

9.3CVSS7.7AI score0.01516EPSS

CVE•added 2010/12/14 4:0 p.m.•37 views

CVE-2010-4389

Heap-based buffer overflow in the cook codec in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.5, and Linux RealPlayer 11.0.2.1744 allows remote attackers to execute arbitrary code via unspecified data in the initialization buffer.

9.3CVSS8.2AI score0.06898EPSS

CVE•added 2010/12/14 4:0 p.m.•37 views

CVE-2010-4394

Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through 11.1 and RealPlayer SP 1.0 through 1.1.5 allows remote web servers to execute arbitrary code via a long Server header in a response to an HTTP request that occurs during parsing of a RealPix file.

9.3CVSS8.1AI score0.01534EPSS

CVE•added 2011/11/24 11:55 a.m.•37 views

CVE-2011-4254

RealNetworks RealPlayer before 15.0.0 allows remote attackers to execute arbitrary code via a crafted RTSP SETUP request.

10CVSS7.7AI score0.06372EPSS

CVE•added 2010/12/14 4:0 p.m.•36 views

CVE-2010-4391

Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.5, and RealPlayer Enterprise 2.1.2 and 2.1.3 allows remote attackers to execute arbitrary code via a crafted value in an unspecified header field in an RMX file.

9.3CVSS8.1AI score0.20632EPSS

CVE•added 2011/11/24 11:55 a.m.•36 views

CVE-2011-4252

The RV10 codec in RealNetworks RealPlayer before 15.0.0 and Mac RealPlayer before 12.0.0.1703 allows remote attackers to execute arbitrary code via a crafted sample height.

9.3CVSS7.5AI score0.02764EPSS

Total number of security vulnerabilities85