Filtered by vendor Realnetworks
Subscribe
Total
217 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2005-2055 | 1 Realnetworks | 2 Realone Player, Realplayer | 2023-12-10 | 5.0 MEDIUM | N/A |
RealPlayer 8, 10, 10.5 (6.0.12.1040-1069), and Enterprise and RealOne Player v1 and v2 allows remote malicious web server to create an arbitrary HTML file that executes an RM file via "default settings of earlier Internet Explorer browsers". | |||||
CVE-2005-2630 | 1 Realnetworks | 2 Realone Player, Realplayer | 2023-12-10 | 5.1 MEDIUM | N/A |
Heap-based buffer overflow in DUNZIP32.DLL for RealPlayer 8, 10, and 10.5 and RealOne Player 1 and 2 allows remote attackers to execute arbitrary code via a crafted RealPlayer Skin (RJS) file, a different vulnerability than CVE-2004-1094. | |||||
CVE-2005-0755 | 1 Realnetworks | 3 Helix Player, Realone Player, Realplayer | 2023-12-10 | 5.1 MEDIUM | N/A |
Heap-based buffer overflow in RealPlayer 10 and earlier, Helix Player before 10.0.4, and RealOne Player v1 and v2 allows remote attackers to execute arbitrary code via a long hostname in a RAM file. | |||||
CVE-2005-2629 | 1 Realnetworks | 3 Helix Player, Realone Player, Realplayer | 2023-12-10 | 5.1 MEDIUM | N/A |
Integer overflow in RealNetworks RealPlayer 8, 10, and 10.5, RealOne Player 1 and 2, and Helix Player 10.0.0 allows remote attackers to execute arbitrary code via an .rm movie file with a large value in the length field of the first data packet, which leads to a stack-based buffer overflow, a different vulnerability than CVE-2004-1481. | |||||
CVE-2000-0272 | 1 Realnetworks | 1 Realserver | 2023-12-10 | 7.8 HIGH | N/A |
RealNetworks RealServer allows remote attackers to cause a denial of service by sending malformed input to the server at port 7070. | |||||
CVE-2004-1416 | 2 Microsoft, Realnetworks | 2 Internet Explorer, Realone Player | 2023-12-10 | 5.1 MEDIUM | N/A |
pnxr3260.dll in the RealOne 2.0 build 6.0.11.868 browser plugin, as used in Internet Explorer, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted embed tag. | |||||
CVE-2002-1015 | 1 Realnetworks | 3 Realjukebox 2, Realjukebox 2 Plus, Realone Player | 2023-12-10 | 7.5 HIGH | N/A |
RealJukebox 2 1.0.2.340 and 1.0.2.379, and RealOne Player Gold 6.0.10.505, allows remote attackers to execute arbitrary script in the Local computer zone by inserting the script into the skin.ini file of an RJS archive, then referencing skin.ini from a web page after it has been extracted, which is parsed as HTML by Internet Explorer or other Microsoft-based web readers. | |||||
CVE-2004-1481 | 1 Realnetworks | 3 Helix Player, Realone Player, Realplayer | 2023-12-10 | 5.1 MEDIUM | N/A |
Integer overflow in pnen3260.dll in RealPlayer 8 through 10.5 (6.0.12.1040) and earlier, and RealOne Player 1 or 2 on Windows or Mac OS, allows remote attackers to execute arbitrary code via a SMIL file and a .rm movie file with a large length field for the data chunk, which leads to a heap-based buffer overflow. | |||||
CVE-2004-0258 | 1 Realnetworks | 4 Realone Desktop Manager, Realone Enterprise Desktop, Realone Player and 1 more | 2023-12-10 | 7.6 HIGH | N/A |
Multiple buffer overflows in RealOne Player, RealOne Player 2.0, RealOne Enterprise Desktop, and RealPlayer Enterprise allow remote attackers to execute arbitrary code via malformed (1) .RP, (2) .RT, (3) .RAM, (4) .RPM or (5) .SMIL files. | |||||
CVE-2000-0185 | 1 Realnetworks | 2 Realserver, Realserver G2 | 2023-12-10 | 5.0 MEDIUM | N/A |
RealMedia RealServer reveals the real IP address of a Real Server, even if the address is supposed to be private. | |||||
CVE-1999-1045 | 1 Realnetworks | 1 Realserver | 2023-12-10 | 7.8 HIGH | N/A |
pnserver in RealServer 5.0 and earlier allows remote attackers to cause a denial of service by sending a short, malformed request. | |||||
CVE-2005-0189 | 1 Realnetworks | 2 Realone Player, Realplayer | 2023-12-10 | 7.5 HIGH | N/A |
Stack-based buffer overflow in the HandleAction function in RealPlayer 10.5 (6.0.12.1040) and earlier allows remote attackers to execute arbitrary code via a long ShowPreferences argument. | |||||
CVE-2005-0192 | 1 Realnetworks | 2 Realone Player, Realplayer | 2023-12-10 | 2.6 LOW | N/A |
Directory traversal vulnerability in the parsing of Skin file names in RealPlayer 10.5 (6.0.12.1040) and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in an RJS filename. | |||||
CVE-2004-0550 | 1 Realnetworks | 1 Realplayer | 2023-12-10 | 7.5 HIGH | N/A |
Buffer overflow in Real Networks RealPlayer 10 allows remote attackers to execute arbitrary code via a URL with a large number of "." (period) characters. | |||||
CVE-2004-0273 | 1 Realnetworks | 3 Realone Desktop Manager, Realone Enterprise Desktop, Realone Player | 2023-12-10 | 9.3 HIGH | N/A |
Directory traversal vulnerability in RealOne Player, RealOne Player 2.0, and RealOne Enterprise Desktop allows remote attackers to upload arbitrary files via an RMP file that contains .. (dot dot) sequences in a .rjs skin file. | |||||
CVE-2004-1798 | 1 Realnetworks | 3 Realone Enterprise Desktop, Realone Player, Realplayer | 2023-12-10 | 5.1 MEDIUM | N/A |
RealOne player 6.0.11.868 allows remote attackers to execute arbitrary script in the "My Computer" zone via a Synchronized Multimedia Integration Language (SMIL) presentation with a "file:javascript:" URL, which is executed in the security context of the previously loaded URL, a different vulnerability than CVE-2003-0726. | |||||
CVE-2000-0280 | 1 Realnetworks | 1 Realplayer | 2023-12-10 | 2.6 LOW | N/A |
Buffer overflow in the RealNetworks RealPlayer client versions 6 and 7 allows remote attackers to cause a denial of service via a long Location URL. | |||||
CVE-2002-0415 | 1 Realnetworks | 1 Realplayer | 2023-12-10 | 1.7 LOW | N/A |
Directory traversal vulnerability in the web server used in RealPlayer 6.0.7, and possibly other versions, may allow local users to read files that are accessible to RealPlayer via a .. (dot dot) in an HTTP GET request to port 1275. | |||||
CVE-2002-1014 | 1 Realnetworks | 3 Realjukebox 2, Realjukebox 2 Plus, Realone Player | 2023-12-10 | 7.5 HIGH | N/A |
Buffer overflow in RealJukebox 2 1.0.2.340 and 1.0.2.379, and RealOne Player Gold 6.0.10.505, allows remote attackers to execute arbitrary code via an RFS skin file whose skin.ini contains a long value in a CONTROLnImage argument, such as CONTROL1Image. | |||||
CVE-1999-0896 | 1 Realnetworks | 1 Realserver G2 | 2023-12-10 | 10.0 HIGH | N/A |
Buffer overflow in RealNetworks RealServer administration utility allows remote attackers to execute arbitrary commands via a long username and password. |