Realplayer Security Vulnerabilities and Issues — Realplayer CVE List

Lucene search

RealnetworksRealplayer

12 matches found

CVE•added 2007/06/26 10:30 p.m.•54 views

CVE-2007-3410

Stack-based buffer overflow in the SmilTimeValue::parseWallClockValue function in smlprstime.cpp in RealNetworks RealPlayer 10, 10.1, and possibly 10.5, RealOne Player, RealPlayer Enterprise, and Helix Player 10.5-GOLD and 10.0.5 through 10.0.8, allows remote attackers to execute arbitrary code via...

9.3CVSS7.8AI score0.29384EPSS

CVE•added 2007/10/31 5:46 p.m.•50 views

CVE-2007-4599

Stack-based buffer overflow in RealNetworks RealPlayer 10 and possibly 10.5, and RealOne Player 1 and 2, for Windows allows remote attackers to execute arbitrary code via a crafted playlist (PLS) file.

9.3CVSS7.9AI score0.16761EPSS

CVE•added 2007/10/31 5:46 p.m.•49 views

CVE-2007-5080

Integer overflow in RealNetworks RealPlayer 10 and 10.5, RealOne Player 1, and RealPlayer Enterprise for Windows allows remote attackers to execute arbitrary code via a crafted Lyrics3 2.00 tag in an MP3 file, resulting in a heap-based buffer overflow.

9.3CVSS7.9AI score0.35049EPSS

CVE•added 2007/10/31 5:46 p.m.•48 views

CVE-2007-2263

Heap-based buffer overflow in RealNetworks RealPlayer 10.0, 10.1, and possibly 10.5, RealOne Player, and RealPlayer Enterprise allows remote attackers to execute arbitrary code via an SWF (Flash) file with malformed record headers.

9.3CVSS7.9AI score0.10003EPSS

CVE•added 2007/01/03 2:0 a.m.•46 views

CVE-2006-6847

An ActiveX control in ierpplug.dll for RealNetworks RealPlayer 10.5 allows remote attackers to cause a denial of service (Internet Explorer 7 crash) by invoking the RealPlayer.OpenURLInPlayerBrowser method with a long second argument.

5CVSS7AI score0.05098EPSS

CVE•added 2007/10/31 5:46 p.m.•46 views

CVE-2007-2264

Heap-based buffer overflow in RealNetworks RealPlayer 8, 10, 10.1, and possibly 10.5; RealOne Player 1 and 2; and RealPlayer Enterprise allows remote attackers to execute arbitrary code via a RAM (.ra or .ram) file with a large size value in the RA header.

9.3CVSS7.8AI score0.12025EPSS

CVE•added 2007/12/04 6:46 p.m.•46 views

CVE-2007-6224

The RealNetworks RealAudioObjects.RealAudio ActiveX control in rmoc3260.dll, as shipped with RealPlayer 11, allows remote attackers to cause a denial of service (browser crash) via a certain argument to the GetSourceTransport method.

5CVSS6.6AI score0.00684EPSS

CVE•added 2007/10/31 5:46 p.m.•45 views

CVE-2007-5081

9.3CVSS7.7AI score0.08765EPSS

CVE•added 2007/09/17 4:17 p.m.•43 views

CVE-2007-4904

RealNetworks RealPlayer 10.1.0.3114 and earlier, and Helix Player 1.0.6.778 on Fedora Core 6 (FC6) and possibly other platforms, allow user-assisted remote attackers to cause a denial of service (application crash) via a malformed .au file that triggers a divide-by-zero error.

4.3CVSS6.6AI score0.03853EPSS

CVE•added 2007/10/20 8:17 p.m.•43 views

CVE-2007-5601

Stack-based buffer overflow in the Database Component in MPAMedia.dll in RealNetworks RealPlayer 10.5 and 11 beta, and earlier versions including 10, RealOne Player, and RealOne Player 2, allows remote attackers to execute arbitrary code via certain playlist names, as demonstrated via the import me...

9.3CVSS7.8AI score0.67392EPSS

Web

CVE•added 2007/05/04 12:19 a.m.•37 views

CVE-2007-2497

RealNetworks RealPlayer 10 Gold allows remote attackers to cause a denial of service (memory consumption) via a certain .ra file. NOTE: this issue was referred to as a "memory leak," but it is not clear if this is correct.

7.8CVSS6.6AI score0.03548EPSS

CVE•added 2007/12/04 6:46 p.m.•34 views

CVE-2007-6235

A certain ActiveX control in RealNetworks RealPlayer 11 allows remote attackers to cause a denial of service (application crash) via a malformed .au file that triggers a divide-by-zero error. NOTE: this might be related to CVE-2007-4904.

5CVSS6.4AI score0.03853EPSS