Lucene search

K
RealnetworksRealplayer14.0.1

57 matches found

CVE
CVE
added 2012/12/19 11:55 a.m.138 views

CVE-2012-5691

Buffer overflow in RealNetworks RealPlayer before 16.0.0.282 and RealPlayer SP 1.0 through 1.1.5 allows remote attackers to execute arbitrary code via a crafted RealMedia file.

9.3CVSS7.7AI score0.76917EPSS
CVE
CVE
added 2014/01/03 8:55 p.m.58 views

CVE-2013-7260

Multiple stack-based buffer overflows in RealNetworks RealPlayer before 17.0.4.61 on Windows, and Mac RealPlayer before 12.0.1.1738, allow remote attackers to execute arbitrary code via a long (1) version number or (2) encoding declaration in the XML declaration of an RMP file, a different issue th...

7.5CVSS7.6AI score0.78256EPSS
CVE
CVE
added 2011/01/31 9:0 p.m.55 views

CVE-2010-4393

Heap-based buffer overflow in vidplin.dll in RealNetworks RealPlayer 11.0 through 11.1 and 14.0.x before 14.0.2, and RealPlayer SP 1.0 through 1.1.5, allows remote attackers to execute arbitrary code via a crafted header in an AVI file.

9.3CVSS8AI score0.22458EPSS
CVE
CVE
added 2011/11/24 11:55 a.m.49 views

CVE-2011-4247

RealNetworks RealPlayer before 15.0.0 allows remote attackers to execute arbitrary code via a crafted QCELP stream.

9.3CVSS7.6AI score0.02764EPSS
CVE
CVE
added 2011/11/24 11:55 a.m.48 views

CVE-2011-4256

The RV30 codec in RealNetworks RealPlayer before 15.0.0 and Mac RealPlayer before 12.0.0.1703 does not initialize an unspecified index value, which allows remote attackers to execute arbitrary code via unknown vectors.

10CVSS7.7AI score0.06372EPSS
CVE
CVE
added 2013/07/06 1:57 p.m.48 views

CVE-2013-3299

RealNetworks RealPlayer 16.0.2.32 and earlier allows remote attackers to cause a denial of service (resource consumption or application crash) via an HTML document containing JavaScript code that constructs a long string.

4.3CVSS6.8AI score0.06507EPSS
CVE
CVE
added 2011/08/18 11:55 p.m.47 views

CVE-2011-2952

Use-after-free vulnerability in RealNetworks RealPlayer 11.0 through 11.1 and 14.0.0 through 14.0.5, RealPlayer SP 1.0 through 1.1.5, and RealPlayer Enterprise 2.0 through 2.1.5 allows remote attackers to execute arbitrary code via vectors related to a dialog box.

9.3CVSS7.7AI score0.02147EPSS
CVE
CVE
added 2011/08/18 11:55 p.m.47 views

CVE-2011-2954

Use-after-free vulnerability in the AutoUpdate feature in RealNetworks RealPlayer 11.0 through 11.1 and 14.0.0 through 14.0.5 and RealPlayer SP 1.0 through 1.1.5, when an Embedded RealPlayer is used, allows remote attackers to execute arbitrary code via unspecified vectors.

9.3CVSS7.8AI score0.02147EPSS
CVE
CVE
added 2012/03/28 10:55 a.m.47 views

CVE-2012-1904

mp4fformat.dll in the QuickTime File Format plugin in RealNetworks RealPlayer 15 and earlier, and RealPlayer SP 1.1.4 Build 12.0.0.756 and earlier, allows remote attackers to cause a denial of service (memory corruption and application crash) via a crafted MP4 file.

4.3CVSS6.8AI score0.10786EPSS
CVE
CVE
added 2013/03/20 6:55 p.m.47 views

CVE-2013-1750

Heap-based buffer overflow in RealNetworks RealPlayer before 16.0.1.18 and RealPlayer SP 1.0 through 1.1.5 allows remote attackers to execute arbitrary code via a malformed MP4 file.

9.3CVSS8AI score0.08885EPSS
CVE
CVE
added 2011/08/18 11:55 p.m.46 views

CVE-2011-2947

Cross-zone scripting vulnerability in the RealPlayer ActiveX control in RealNetworks RealPlayer 11.0 through 11.1 and 14.0.0 through 14.0.5 and RealPlayer SP 1.0 through 1.1.5 allows remote attackers to inject arbitrary web script or HTML in the Local Zone via a local HTML document.

4.3CVSS5.9AI score0.00296EPSS
CVE
CVE
added 2011/11/24 11:55 a.m.46 views

CVE-2011-4259

Integer underflow in RealNetworks RealPlayer before 15.0.0 allows remote attackers to execute arbitrary code via a crafted width value in an MPG file.

9.3CVSS7.5AI score0.02242EPSS
CVE
CVE
added 2011/11/24 11:55 a.m.46 views

CVE-2011-4262

Unspecified vulnerability in RealNetworks RealPlayer before 15.0.0 allows remote attackers to execute arbitrary code via a crafted MP4 file.

9.3CVSS7.7AI score0.0174EPSS
CVE
CVE
added 2012/09/12 10:38 a.m.46 views

CVE-2012-2408

The AAC SDK in RealNetworks RealPlayer before 15.0.6.14, RealPlayer SP 1.0 through 1.1.5, and Mac RealPlayer before 12.0.1.1750 allows remote attackers to cause a denial of service (heap memory corruption) or possibly have unspecified other impact via a crafted AAC file that is not properly handled...

6.8CVSS7.5AI score0.0043EPSS
CVE
CVE
added 2012/09/12 10:38 a.m.46 views

CVE-2012-2410

Buffer overflow in RealNetworks RealPlayer before 15.0.6.14, RealPlayer SP 1.0 through 1.1.5, and Mac RealPlayer before 12.0.1.1750 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted RealMedia file, a different vulnerability than CVE-2012-24...

6.8CVSS7.5AI score0.00501EPSS
CVE
CVE
added 2011/10/04 10:55 p.m.45 views

CVE-2011-1221

Cross-zone scripting vulnerability in the RealPlayer ActiveX control in RealNetworks RealPlayer 11.0 through 11.1 and 14.0.0 through 14.0.5, RealPlayer SP 1.0 through 1.1.5, and RealPlayer Enterprise 2.0 through 2.1.5 allows remote attackers to inject arbitrary web script or HTML in the Local Zone ...

4.3CVSS5.9AI score0.00296EPSS
CVE
CVE
added 2011/04/18 6:55 p.m.45 views

CVE-2011-1426

The OpenURLInDefaultBrowser method in RealNetworks RealPlayer 11.0 through 11.1 and 14.0.0 through 14.0.2, and RealPlayer SP 1.0 through 1.1.5, launches a default handler for the filename specified in the first argument, which allows remote attackers to execute arbitrary code via a .rnx filename co...

9.3CVSS7.6AI score0.04377EPSS
CVE
CVE
added 2011/08/18 11:55 p.m.45 views

CVE-2011-2945

Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through 11.1 and 14.0.0 through 14.0.5 and RealPlayer SP 1.0 through 1.1.5 allows remote attackers to execute arbitrary code via a crafted SIPR stream.

9.3CVSS8.2AI score0.07036EPSS
CVE
CVE
added 2011/08/18 11:55 p.m.45 views

CVE-2011-2951

Buffer overflow in RealNetworks RealPlayer 11.0 through 11.1 and 14.0.0 through 14.0.5, RealPlayer SP 1.0 through 1.1.5, and Mac RealPlayer 12.0.0.1569 allows remote attackers to execute arbitrary code via a crafted raw_data_frame field in an AAC file.

9.3CVSS7.8AI score0.07457EPSS
CVE
CVE
added 2011/11/24 11:55 a.m.45 views

CVE-2011-4253

Unspecified vulnerability in the RV20 codec in RealNetworks RealPlayer before 15.0.0 and Mac RealPlayer before 12.0.0.1703 allows remote attackers to execute arbitrary code via unknown vectors.

10CVSS7.6AI score0.05217EPSS
CVE
CVE
added 2013/08/27 3:34 a.m.45 views

CVE-2013-4973

Stack-based buffer overflow in RealNetworks RealPlayer before 16.0.3.51, and RealPlayer SP 1.0 through 1.1.5, allows remote attackers to execute arbitrary code via a crafted .rmp file.

9.3CVSS8AI score0.11834EPSS
CVE
CVE
added 2011/08/18 11:55 p.m.44 views

CVE-2011-2948

RealNetworks RealPlayer 11.0 through 11.1 and 14.0.0 through 14.0.5, RealPlayer SP 1.0 through 1.1.5, RealPlayer Enterprise 2.0 through 2.1.5, and Mac RealPlayer 12.0.0.1569 do not properly handle DEFINEFONT fields in SWF files, which allows remote attackers to execute arbitrary code or cause a den...

9.3CVSS7.7AI score0.03426EPSS
CVE
CVE
added 2011/08/18 11:55 p.m.44 views

CVE-2011-2953

An unspecified ActiveX control in the browser plugin in RealNetworks RealPlayer 11.0 through 11.1 and 14.0.0 through 14.0.5, RealPlayer SP 1.0 through 1.1.5, and RealPlayer Enterprise 2.0 through 2.1.5 allows remote attackers to execute arbitrary code via unknown vectors, related to an out-of-bound...

10CVSS7.8AI score0.04988EPSS
CVE
CVE
added 2012/02/08 3:55 p.m.44 views

CVE-2012-0926

The RV10 codec in RealNetworks RealPlayer 11.x, 14.x, and 15.x before 15.02.71, and RealPlayer SP 1.0 through 1.1.5, does not properly handle height and width values, which allows remote attackers to execute arbitrary code via a crafted RV10 RealVideo video stream.

9.3CVSS7.6AI score0.03385EPSS
CVE
CVE
added 2012/02/08 3:55 p.m.44 views

CVE-2012-0927

Unspecified vulnerability in RealNetworks RealPlayer 11.x, 14.x, and 15.x before 15.02.71, and RealPlayer SP 1.0 through 1.1.5, allows remote attackers to execute arbitrary code via vectors involving the coded_frame_size value in a RealAudio audio stream.

9.3CVSS7.7AI score0.03385EPSS
CVE
CVE
added 2011/08/18 11:55 p.m.43 views

CVE-2011-2950

Heap-based buffer overflow in qcpfformat.dll in RealNetworks RealPlayer 11.0 through 11.1 and 14.0.0 through 14.0.5 and RealPlayer SP 1.0 through 1.1.5 allows remote attackers to execute arbitrary code via a crafted QCP file.

9.3CVSS7.8AI score0.71547EPSS
CVE
CVE
added 2011/11/24 11:55 a.m.43 views

CVE-2011-4244

Heap-based buffer overflow in the RealVideo renderer in RealNetworks RealPlayer before 15.0.0 allows remote attackers to execute arbitrary code via unspecified vectors.

10CVSS8.3AI score0.05542EPSS
CVE
CVE
added 2011/11/24 11:55 a.m.43 views

CVE-2011-4245

The RealVideo renderer in RealNetworks RealPlayer before 15.0.0 and Mac RealPlayer before 12.0.0.1703 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.

10CVSS8AI score0.05217EPSS
CVE
CVE
added 2011/11/24 11:55 a.m.43 views

CVE-2011-4248

RealNetworks RealPlayer before 15.0.0 allows remote attackers to execute arbitrary code via a malformed AAC file.

9.3CVSS7.7AI score0.02764EPSS
CVE
CVE
added 2011/11/24 11:55 a.m.43 views

CVE-2011-4251

RealNetworks RealPlayer before 15.0.0 allows remote attackers to execute arbitrary code via a crafted sample size in a RealAudio file.

9.3CVSS7.6AI score0.02764EPSS
CVE
CVE
added 2011/11/24 11:55 a.m.43 views

CVE-2011-4255

Unspecified vulnerability in RealNetworks RealPlayer before 15.0.0 and Mac RealPlayer before 12.0.0.1703 allows remote attackers to execute arbitrary code via an invalid codec name.

10CVSS7.7AI score0.05217EPSS
CVE
CVE
added 2012/05/18 6:55 p.m.43 views

CVE-2012-2411

Buffer overflow in RealNetworks RealPlayer before 15.0.4.53, and RealPlayer SP 1.0 through 1.1.5, allows remote attackers to execute arbitrary code via a crafted RealJukebox Media file.

9.3CVSS8AI score0.13386EPSS
CVE
CVE
added 2012/12/19 11:55 a.m.43 views

CVE-2012-5690

RealNetworks RealPlayer before 16.0.0.282 and RealPlayer SP 1.0 through 1.1.5 allow remote attackers to execute arbitrary code via a RealAudio file that triggers access to an invalid pointer.

9.3CVSS7.8AI score0.04291EPSS
CVE
CVE
added 2011/11/24 11:55 a.m.42 views

CVE-2011-4249

Array index error in the RV30 codec in RealNetworks RealPlayer before 15.0.0 allows remote attackers to execute arbitrary code via unspecified vectors.

10CVSS7.8AI score0.0391EPSS
CVE
CVE
added 2012/05/18 6:55 p.m.42 views

CVE-2012-2406

RealNetworks RealPlayer before 15.0.4.53, and RealPlayer SP 1.0 through 1.1.5, does not properly parse ASMRuleBook data in RealMedia files, which allows remote attackers to execute arbitrary code via a crafted file.

9.3CVSS7.7AI score0.04318EPSS
CVE
CVE
added 2013/08/27 3:34 a.m.42 views

CVE-2013-4974

RealNetworks RealPlayer before 16.0.3.51, and RealPlayer SP 1.0 through 1.1.5, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a malformed RealMedia file.

9.3CVSS7.9AI score0.04931EPSS
CVE
CVE
added 2011/08/18 11:55 p.m.41 views

CVE-2011-2946

Unspecified vulnerability in an ActiveX control in RealNetworks RealPlayer 11.0 through 11.1 and 14.0.0 through 14.0.5, RealPlayer SP 1.0 through 1.1.5, and RealPlayer Enterprise 2.0 through 2.1.5 allows remote attackers to execute arbitrary code via unknown vectors.

10CVSS7.8AI score0.05874EPSS
CVE
CVE
added 2011/11/24 11:55 a.m.41 views

CVE-2011-4257

The Cook codec in RealNetworks RealPlayer before 15.0.0 allows remote attackers to execute arbitrary code via crafted channel data.

9.3CVSS7.8AI score0.02764EPSS
CVE
CVE
added 2012/02/08 3:55 p.m.41 views

CVE-2012-0922

rvrender.dll in RealNetworks RealPlayer 11.x, 14.x, and 15.x before 15.02.71, and RealPlayer SP 1.0 through 1.1.5, allows remote attackers to execute arbitrary code via crafted flags in an RMFF file.

9.3CVSS7.7AI score0.04552EPSS
CVE
CVE
added 2012/02/08 3:55 p.m.41 views

CVE-2012-0924

RealNetworks RealPlayer 11.x, 14.x, and 15.x before 15.02.71, and RealPlayer SP 1.0 through 1.1.5, allows remote attackers to execute arbitrary code via vectors involving a VIDOBJ_START_CODE code in a header within a video stream.

9.3CVSS7.6AI score0.03385EPSS
CVE
CVE
added 2012/09/12 10:38 a.m.41 views

CVE-2012-2407

Buffer overflow in RealNetworks RealPlayer before 15.0.6.14, RealPlayer SP 1.0 through 1.1.5, and Mac RealPlayer before 12.0.1.1750 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted AAC file that is not properly handled during stream-data u...

7.5CVSS7.7AI score0.00501EPSS
CVE
CVE
added 2012/09/12 10:38 a.m.41 views

CVE-2012-3234

RealNetworks RealPlayer before 15.0.6.14, RealPlayer SP 1.0 through 1.1.5, and Mac RealPlayer before 12.0.1.1750 do not properly handle codec frame sizes in RealAudio files, which allows remote attackers to cause a denial of service (divide-by-zero error and application crash) or possibly have unsp...

7.5CVSS7.4AI score0.0046EPSS
CVE
CVE
added 2011/02/21 6:0 p.m.40 views

CVE-2011-0694

RealNetworks RealPlayer 11.0 through 11.1, SP 1.0 through 1.1.5, and 14.0.0 through 14.0.1, and Enterprise 2.0 through 2.1.4, uses predictable names for temporary files, which allows remote attackers to conduct cross-domain scripting attacks and execute arbitrary code via the OpenURLinPlayerBrowser...

9.3CVSS7.2AI score0.06364EPSS
CVE
CVE
added 2011/04/06 4:55 p.m.40 views

CVE-2011-1525

Heap-based buffer overflow in rvrender.dll in RealNetworks RealPlayer 11.0 through 11.1 and 14.0.0 through 14.0.2, and RealPlayer SP 1.0 through 1.1.5, allows remote attackers to execute arbitrary code via a crafted frame in an Internet Video Recording (IVR) file.

9.3CVSS8.1AI score0.34532EPSS
CVE
CVE
added 2011/08/18 11:55 p.m.40 views

CVE-2011-2955

Use-after-free vulnerability in RealNetworks RealPlayer 11.0 through 11.1 and 14.0.0 through 14.0.5, RealPlayer SP 1.0 through 1.1.5, and RealPlayer Enterprise 2.0 through 2.1.5, when an Embedded RealPlayer is used, allows remote attackers to execute arbitrary code via vectors related to a modal di...

9.3CVSS7.7AI score0.02147EPSS
CVE
CVE
added 2011/11/24 11:55 a.m.40 views

CVE-2011-4261

RealNetworks RealPlayer before 15.0.0 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via crafted video dimensions in an MP4 file.

9.3CVSS7.8AI score0.02518EPSS
CVE
CVE
added 2012/02/08 3:55 p.m.40 views

CVE-2012-0925

Unspecified vulnerability in the RV40 codec in RealNetworks RealPlayer 11.x, 14.x, and 15.x before 15.02.71, and RealPlayer SP 1.0 through 1.1.5, allows remote attackers to execute arbitrary code via a crafted RV40 RealVideo video stream.

9.3CVSS7.7AI score0.04552EPSS
CVE
CVE
added 2012/09/12 10:38 a.m.40 views

CVE-2012-2409

Buffer overflow in RealNetworks RealPlayer before 15.0.6.14, RealPlayer SP 1.0 through 1.1.5, and Mac RealPlayer before 12.0.1.1750 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted RealMedia file, a different vulnerability than CVE-2012-24...

7.5CVSS7.5AI score0.00501EPSS
CVE
CVE
added 2011/08/18 11:55 p.m.39 views

CVE-2011-2949

Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through 11.1 and 14.0.0 through 14.0.5, RealPlayer SP 1.0 through 1.1.5, and RealPlayer Enterprise 2.0 through 2.1.5 allows remote attackers to execute arbitrary code via crafted ID3v2 tags in an MP3 file.

9.3CVSS8.1AI score0.07457EPSS
CVE
CVE
added 2011/11/24 11:55 a.m.39 views

CVE-2011-4250

Unspecified vulnerability in the ATRC codec in RealNetworks RealPlayer before 15.0.0 and Mac RealPlayer before 12.0.0.1703 allows remote attackers to execute arbitrary code via unknown vectors.

10CVSS7.6AI score0.05217EPSS
Total number of security vulnerabilities57