Realnetworks

Realplayer

170 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.3

CVE-2011-2947

  • EPSS 0.3%
  • Published 18.08.2011 23:55:00
  • Last modified 11.04.2025 00:51:21

Cross-zone scripting vulnerability in the RealPlayer ActiveX control in RealNetworks RealPlayer 11.0 through 11.1 and 14.0.0 through 14.0.5 and RealPlayer SP 1.0 through 1.1.5 allows remote attackers to inject arbitrary web script or HTML in the Loca...

9.3

CVE-2011-2948

  • EPSS 2.65%
  • Published 18.08.2011 23:55:00
  • Last modified 11.04.2025 00:51:21

RealNetworks RealPlayer 11.0 through 11.1 and 14.0.0 through 14.0.5, RealPlayer SP 1.0 through 1.1.5, RealPlayer Enterprise 2.0 through 2.1.5, and Mac RealPlayer 12.0.0.1569 do not properly handle DEFINEFONT fields in SWF files, which allows remote a...

9.3

CVE-2011-2949

  • EPSS 5.83%
  • Published 18.08.2011 23:55:00
  • Last modified 11.04.2025 00:51:21

Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through 11.1 and 14.0.0 through 14.0.5, RealPlayer SP 1.0 through 1.1.5, and RealPlayer Enterprise 2.0 through 2.1.5 allows remote attackers to execute arbitrary code via crafted ID3v2 tags i...

9.3

CVE-2011-1426

  • EPSS 4.38%
  • Published 18.04.2011 18:55:01
  • Last modified 11.04.2025 00:51:21

The OpenURLInDefaultBrowser method in RealNetworks RealPlayer 11.0 through 11.1 and 14.0.0 through 14.0.2, and RealPlayer SP 1.0 through 1.1.5, launches a default handler for the filename specified in the first argument, which allows remote attackers...

9.3

CVE-2011-1525

Exploit
  • EPSS 34.53%
  • Published 06.04.2011 16:55:15
  • Last modified 11.04.2025 00:51:21

Heap-based buffer overflow in rvrender.dll in RealNetworks RealPlayer 11.0 through 11.1 and 14.0.0 through 14.0.2, and RealPlayer SP 1.0 through 1.1.5, allows remote attackers to execute arbitrary code via a crafted frame in an Internet Video Recordi...

9.3

CVE-2011-0694

  • EPSS 6.36%
  • Published 21.02.2011 18:00:01
  • Last modified 11.04.2025 00:51:21

RealNetworks RealPlayer 11.0 through 11.1, SP 1.0 through 1.1.5, and 14.0.0 through 14.0.1, and Enterprise 2.0 through 2.1.4, uses predictable names for temporary files, which allows remote attackers to conduct cross-domain scripting attacks and exec...

9.3

CVE-2010-4393

  • EPSS 22.46%
  • Published 31.01.2011 21:00:03
  • Last modified 11.04.2025 00:51:21

Heap-based buffer overflow in vidplin.dll in RealNetworks RealPlayer 11.0 through 11.1 and 14.0.x before 14.0.2, and RealPlayer SP 1.0 through 1.1.5, allows remote attackers to execute arbitrary code via a crafted header in an AVI file.

9.3

CVE-2010-4392

  • EPSS 5.42%
  • Published 14.12.2010 16:00:05
  • Last modified 11.04.2025 00:51:21

Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.5, RealPlayer Enterprise 2.1.2 and 2.1.3, Linux RealPlayer 11.0.2.1744, and possibly HelixPlayer 1.0.6 and other versions, allows remote attackers ...

9.3

CVE-2010-4394

  • EPSS 1.53%
  • Published 14.12.2010 16:00:05
  • Last modified 11.04.2025 00:51:21

Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through 11.1 and RealPlayer SP 1.0 through 1.1.5 allows remote web servers to execute arbitrary code via a long Server header in a response to an HTTP request that occurs during parsing of a ...

9.3

CVE-2010-4395

  • EPSS 6.9%
  • Published 14.12.2010 16:00:05
  • Last modified 11.04.2025 00:51:21

Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.5, and Linux RealPlayer 11.0.2.1744 allows remote attackers to execute arbitrary code via a crafted conditional component in AAC frame data.