Filtered by vendor Realnetworks
Subscribe
Total
217 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-1999-1282 | 1 Realnetworks | 1 Realsystem G2 Server | 2023-12-10 | 4.6 MEDIUM | N/A |
RealSystem G2 server stores the administrator password in cleartext in a world-readable configuration file, which allows local users to gain privileges. | |||||
CVE-2004-0387 | 1 Realnetworks | 2 Realone Player, Realplayer | 2023-12-10 | 5.1 MEDIUM | N/A |
Stack-based buffer overflow in the RT3 plugin, as used in RealPlayer 8, RealOne Player, RealOne Player 10 beta, and RealOne Player Enterprise, allows remote attackers to execute arbitrary code via a malformed .R3T file. | |||||
CVE-2003-1509 | 1 Realnetworks | 2 Realone Enterprise Desktop, Realone Player | 2023-12-10 | 10.0 HIGH | N/A |
Real Networks RealOne Enterprise Desktop 6.0.11.774, RealOne Player 2.0, and RealOne Player 6.0.11.818 through RealOne Player 6.0.11.853 allows remote attackers to execute arbitrary script in the local security zone by embedding script in a temp file before the temp file is executed by the default web browser. | |||||
CVE-2002-1321 | 1 Realnetworks | 2 Realone Player, Realplayer | 2023-12-10 | 7.5 HIGH | N/A |
Multiple buffer overflows in RealOne and RealPlayer allow remote attackers to execute arbitrary code via (1) a Synchronized Multimedia Integration Language (SMIL) file with a long parameter, (2) a long long filename in a rtsp:// request, e.g. from a .m3u file, or (3) certain "Now Playing" options on a downloaded file with a long filename. | |||||
CVE-2004-0774 | 1 Realnetworks | 2 Helix Universal Mobile Server And Gateway, Helix Universal Server | 2023-12-10 | 7.8 HIGH | N/A |
RealNetworks Helix Universal Server 9.0.2 for Linux and 9.0.3 for Windows allows remote attackers to cause a denial of service (CPU and memory exhaustion) via a POST request with a Content-Length header set to -1. | |||||
CVE-2000-0001 | 1 Realnetworks | 1 Realserver | 2023-12-10 | 5.0 MEDIUM | N/A |
RealMedia server allows remote attackers to cause a denial of service via a long ramgen request. | |||||
CVE-2002-0337 | 1 Realnetworks | 1 Realplayer | 2023-12-10 | 5.4 MEDIUM | N/A |
RealPlayer 8 allows remote attackers to cause a denial of service (CPU utilization) via malformed .mp3 files. | |||||
CVE-2003-0725 | 1 Realnetworks | 2 Helix Universal Server, Realserver | 2023-12-10 | 7.5 HIGH | N/A |
Buffer overflow in the RTSP protocol parser for the View Source plug-in (vsrcplin.so or vsrcplin3260.dll) for RealNetworks Helix Universal Server 9 and RealSystem Server 8, 7 and RealServer G2 allows remote attackers to execute arbitrary code. | |||||
CVE-2002-1643 | 1 Realnetworks | 1 Helix Universal Server | 2023-12-10 | 7.5 HIGH | N/A |
Multiple buffer overflows in RealNetworks Helix Universal Server 9.0 (9.0.2.768) allow remote attackers to execute arbitrary code via (1) a long Transport field in a SETUP RTSP request, (2) a DESCRIBE RTSP request with a long URL argument, or (3) two simultaneous HTTP GET requests with long arguments. | |||||
CVE-2004-0049 | 1 Realnetworks | 2 Helix Universal Mobile Server, Helix Universal Server | 2023-12-10 | 6.8 MEDIUM | N/A |
Helix Universal Server/Proxy 9 and Mobile Server 10 allow remote attackers to cause a denial of service via certain HTTP POST messages to the Administration System port. | |||||
CVE-2000-0474 | 1 Realnetworks | 1 Realserver | 2023-12-10 | 7.8 HIGH | N/A |
Real Networks RealServer 7.x allows remote attackers to cause a denial of service via a malformed request for a page in the viewsource directory. | |||||
CVE-2003-1117 | 1 Realnetworks | 2 Realsystem Proxy, Realsystem Server | 2023-12-10 | 7.5 HIGH | N/A |
Buffer overflow in RealSystem Server 6.x, 7.x and 8.x, and RealSystem Proxy 8.x, related to URL error handling, allows remote attackers to cause a denial of service and possibly execute arbitrary code. | |||||
CVE-2000-1181 | 1 Realnetworks | 1 Realserver | 2023-12-10 | 5.0 MEDIUM | N/A |
Real Networks RealServer 7 and earlier allows remote attackers to obtain portions of RealServer's memory contents, possibly including sensitive information, by accessing the /admin/includes/ URL. | |||||
CVE-2003-0141 | 1 Realnetworks | 3 Realone Enterprise Desktop, Realone Player, Realplayer | 2023-12-10 | 5.1 MEDIUM | N/A |
The PNG deflate algorithm in RealOne Player 6.0.11.x and earlier, RealPlayer 8/RealPlayer Plus 8 6.0.9.584, and other versions allows remote attackers to corrupt the heap and overwrite arbitrary memory via a PNG graphic file format containing compressed data using fixed trees that contain the length values 286-287, which are treated as a very large length. | |||||
CVE-1999-1369 | 1 Realnetworks | 1 Realserver | 2023-12-10 | 4.6 MEDIUM | N/A |
Real Media RealServer (rmserver) 6.0.3.353 stores a password in plaintext in the world-readable rmserver.cfg file, which allows local users to gain privileges. | |||||
CVE-2002-0207 | 1 Realnetworks | 2 Realone Player, Realplayer Intranet | 2023-12-10 | 7.5 HIGH | N/A |
Buffer overflow in Real Networks RealPlayer 8.0 and earlier allows remote attackers to execute arbitrary code via a header length value that exceeds the actual length of the header. | |||||
CVE-2005-0190 | 1 Realnetworks | 2 Realone Player, Realplayer | 2023-12-10 | 2.6 LOW | N/A |
Directory traversal vulnerability in RealPlayer 10.5 (6.0.12.1040) and earlier allows remote attackers to delete arbitrary files via a Real Metadata Packages (RMP) file with a FILENAME tag containing .. (dot dot) sequences in a filename that ends with a ? (question mark) and an allowed file extension (e.g. .mp3), which bypasses the check for the file extension. |