Filtered by vendor Realnetworks Subscriptions
Filtered by product Realplayer Subscriptions
Total 171 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2010-3748 1 Realnetworks 2 Realplayer, Realplayer Sp 2024-09-16 N/A
Stack-based buffer overflow in the RichFX component in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.4, and RealPlayer Enterprise 2.1.2 allows remote attackers to have an unspecified impact via unknown vectors.
CVE-2012-5691 1 Realnetworks 2 Realplayer, Realplayer Sp 2024-09-16 N/A
Buffer overflow in RealNetworks RealPlayer before 16.0.0.282 and RealPlayer SP 1.0 through 1.1.5 allows remote attackers to execute arbitrary code via a crafted RealMedia file.
CVE-2011-4244 1 Realnetworks 1 Realplayer 2024-09-16 N/A
Heap-based buffer overflow in the RealVideo renderer in RealNetworks RealPlayer before 15.0.0 allows remote attackers to execute arbitrary code via unspecified vectors.
CVE-2011-4254 1 Realnetworks 1 Realplayer 2024-09-16 N/A
RealNetworks RealPlayer before 15.0.0 allows remote attackers to execute arbitrary code via a crafted RTSP SETUP request.
CVE-2005-2054 1 Realnetworks 2 Realone Player, Realplayer 2024-09-16 N/A
Unknown vulnerability in RealPlayer 10 and 10.5 (6.0.12.1040-1069) and RealOne Player v1 and v2 allows remote attackers to overwrite arbitrary files or execute arbitrary ActiveX controls via a crafted MP3 file.
CVE-2011-4246 1 Realnetworks 1 Realplayer 2024-09-16 N/A
The AAC codec in RealNetworks RealPlayer before 15.0.0 and Mac RealPlayer before 12.0.0.1703 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.
CVE-2010-3750 1 Realnetworks 2 Realplayer, Realplayer Sp 2024-09-16 N/A
rjrmrpln.dll in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.4, and RealPlayer Enterprise 2.1.2 does not properly validate file contents that are used during interaction with a heap buffer, which allows remote attackers to execute arbitrary code via crafted Name Value Property (NVP) elements in logical streams in a media file.
CVE-2011-4256 1 Realnetworks 1 Realplayer 2024-09-16 N/A
The RV30 codec in RealNetworks RealPlayer before 15.0.0 and Mac RealPlayer before 12.0.0.1703 does not initialize an unspecified index value, which allows remote attackers to execute arbitrary code via unknown vectors.
CVE-2011-4262 1 Realnetworks 1 Realplayer 2024-09-16 N/A
Unspecified vulnerability in RealNetworks RealPlayer before 15.0.0 allows remote attackers to execute arbitrary code via a crafted MP4 file.
CVE-2011-4245 1 Realnetworks 1 Realplayer 2024-09-16 N/A
The RealVideo renderer in RealNetworks RealPlayer before 15.0.0 and Mac RealPlayer before 12.0.0.1703 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.
CVE-2012-5690 1 Realnetworks 2 Realplayer, Realplayer Sp 2024-09-16 N/A
RealNetworks RealPlayer before 16.0.0.282 and RealPlayer SP 1.0 through 1.1.5 allow remote attackers to execute arbitrary code via a RealAudio file that triggers access to an invalid pointer.
CVE-2010-3751 1 Realnetworks 2 Realplayer, Realplayer Sp 2024-09-16 N/A
Multiple heap-based buffer overflows in an ActiveX control in RealNetworks RealPlayer 11.0 through 11.1 and RealPlayer SP 1.0 through 1.1.4 allow remote attackers to execute arbitrary code via a long .smil argument to the (1) tfile, (2) pnmm, or (3) cdda protocol handler.
CVE-2011-4258 1 Realnetworks 1 Realplayer 2024-09-16 N/A
RealNetworks RealPlayer before 15.0.0 allows remote attackers to execute arbitrary code via a crafted length of an MLTI chunk in an IVR file.
CVE-2000-0280 1 Realnetworks 1 Realplayer 2024-08-08 N/A
Buffer overflow in the RealNetworks RealPlayer client versions 6 and 7 allows remote attackers to cause a denial of service via a long Location URL.
CVE-2002-1321 1 Realnetworks 2 Realone Player, Realplayer 2024-08-08 N/A
Multiple buffer overflows in RealOne and RealPlayer allow remote attackers to execute arbitrary code via (1) a Synchronized Multimedia Integration Language (SMIL) file with a long parameter, (2) a long long filename in a rtsp:// request, e.g. from a .m3u file, or (3) certain "Now Playing" options on a downloaded file with a long filename.
CVE-2002-0415 1 Realnetworks 1 Realplayer 2024-08-08 N/A
Directory traversal vulnerability in the web server used in RealPlayer 6.0.7, and possibly other versions, may allow local users to read files that are accessible to RealPlayer via a .. (dot dot) in an HTTP GET request to port 1275.
CVE-2002-0337 1 Realnetworks 1 Realplayer 2024-08-08 N/A
RealPlayer 8 allows remote attackers to cause a denial of service (CPU utilization) via malformed .mp3 files.
CVE-2003-0141 1 Realnetworks 3 Realone Enterprise Desktop, Realone Player, Realplayer 2024-08-08 N/A
The PNG deflate algorithm in RealOne Player 6.0.11.x and earlier, RealPlayer 8/RealPlayer Plus 8 6.0.9.584, and other versions allows remote attackers to corrupt the heap and overwrite arbitrary memory via a PNG graphic file format containing compressed data using fixed trees that contain the length values 286-287, which are treated as a very large length.
CVE-2004-1798 1 Realnetworks 3 Realone Enterprise Desktop, Realone Player, Realplayer 2024-08-08 N/A
RealOne player 6.0.11.868 allows remote attackers to execute arbitrary script in the "My Computer" zone via a Synchronized Multimedia Integration Language (SMIL) presentation with a "file:javascript:" URL, which is executed in the security context of the previously loaded URL, a different vulnerability than CVE-2003-0726.
CVE-2004-1481 1 Realnetworks 3 Helix Player, Realone Player, Realplayer 2024-08-08 N/A
Integer overflow in pnen3260.dll in RealPlayer 8 through 10.5 (6.0.12.1040) and earlier, and RealOne Player 1 or 2 on Windows or Mac OS, allows remote attackers to execute arbitrary code via a SMIL file and a .rm movie file with a large length field for the data chunk, which leads to a heap-based buffer overflow.