Realnetworks : Security Vulnerabilities, CVEs, Published In April 2011 (Code Execution)
Heap-based buffer overflow in rvrender.dll in RealNetworks RealPlayer 11.0 through 11.1 and 14.0.0 through 14.0.2, and RealPlayer SP 1.0 through 1.1.5, allows remote attackers to execute arbitrary code via a crafted frame in an Internet Video Recording (IVR) file.
Max CVSS
9.3
EPSS Score
25.06%
Published
2011-04-06
Updated
2018-10-09
The OpenURLInDefaultBrowser method in RealNetworks RealPlayer 11.0 through 11.1 and 14.0.0 through 14.0.2, and RealPlayer SP 1.0 through 1.1.5, launches a default handler for the filename specified in the first argument, which allows remote attackers to execute arbitrary code via a .rnx filename corresponding to a crafted RNX file.
Max CVSS
9.3
EPSS Score
33.58%
Published
2011-04-18
Updated
2018-10-09
Stack-based buffer overflow in RealNetworks Helix Server 12.x, 13.x, and 14.x before 14.2, and Helix Mobile Server 12.x, 13.x, and 14.x before 14.2, allows remote attackers to execute arbitrary code via a long string in an RTSP request.
Max CVSS
9.3
EPSS Score
0.35%
Published
2011-04-04
Updated
2011-04-06
Format string vulnerability in RealNetworks Helix Server 12.x, 13.x, and 14.x before 14.2, and Helix Mobile Server 12.x, 13.x, and 14.x before 14.2, allows remote attackers to execute arbitrary code via vectors related to the x-wap-profile HTTP header.
Max CVSS
10.0
EPSS Score
1.20%
Published
2011-04-04
Updated
2011-04-06
4 vulnerabilities found