Realnetworks

Realplayer

170 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2005-0189

  • EPSS 22.23%
  • Veröffentlicht 06.10.2004 04:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

Stack-based buffer overflow in the HandleAction function in RealPlayer 10.5 (6.0.12.1040) and earlier allows remote attackers to execute arbitrary code via a long ShowPreferences argument.

2.6

CVE-2005-0192

  • EPSS 2.35%
  • Veröffentlicht 06.10.2004 04:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

Directory traversal vulnerability in the parsing of Skin file names in RealPlayer 10.5 (6.0.12.1040) and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in an RJS filename.

2.6

CVE-2005-0190

  • EPSS 3.11%
  • Veröffentlicht 29.09.2004 04:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

Directory traversal vulnerability in RealPlayer 10.5 (6.0.12.1040) and earlier allows remote attackers to delete arbitrary files via a Real Metadata Packages (RMP) file with a FILENAME tag containing .. (dot dot) sequences in a filename that ends wit...

7.5

CVE-2004-0550

  • EPSS 3.28%
  • Veröffentlicht 06.08.2004 04:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

Buffer overflow in Real Networks RealPlayer 10 allows remote attackers to execute arbitrary code via a URL with a large number of "." (period) characters.

5.1

CVE-2004-0387

  • EPSS 6.29%
  • Veröffentlicht 01.06.2004 04:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

Stack-based buffer overflow in the RT3 plugin, as used in RealPlayer 8, RealOne Player, RealOne Player 10 beta, and RealOne Player Enterprise, allows remote attackers to execute arbitrary code via a malformed .R3T file.

5.1

CVE-2003-0141

  • EPSS 0.24%
  • Veröffentlicht 02.04.2003 05:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

The PNG deflate algorithm in RealOne Player 6.0.11.x and earlier, RealPlayer 8/RealPlayer Plus 8 6.0.9.584, and other versions allows remote attackers to corrupt the heap and overwrite arbitrary memory via a PNG graphic file format containing compres...

7.5

CVE-2002-1321

  • EPSS 3.85%
  • Veröffentlicht 11.12.2002 05:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

Multiple buffer overflows in RealOne and RealPlayer allow remote attackers to execute arbitrary code via (1) a Synchronized Multimedia Integration Language (SMIL) file with a long parameter, (2) a long long filename in a rtsp:// request, e.g. from a ...

1.7

CVE-2002-0415

  • EPSS 0.37%
  • Veröffentlicht 12.08.2002 04:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

Directory traversal vulnerability in the web server used in RealPlayer 6.0.7, and possibly other versions, may allow local users to read files that are accessible to RealPlayer via a .. (dot dot) in an HTTP GET request to port 1275.

5.4

CVE-2002-0337

  • EPSS 1.03%
  • Veröffentlicht 25.06.2002 04:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

RealPlayer 8 allows remote attackers to cause a denial of service (CPU utilization) via malformed .mp3 files.

2.6

CVE-2000-0280

Exploit
  • EPSS 3.47%
  • Veröffentlicht 03.04.2000 04:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

Buffer overflow in the RealNetworks RealPlayer client versions 6 and 7 allows remote attackers to cause a denial of service via a long Location URL.