Realnetworks : Security Vulnerabilities (CVSS score between 6 and 6.99)
# |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
1 |
CVE-2012-4987 |
119 |
1
|
Exec Code Overflow |
2012-11-04 |
2017-08-28 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
Stack-based buffer overflow in RealNetworks RealPlayer 15.0.5.109 allows user-assisted remote attackers to execute arbitrary code via a crafted ZIP file that triggers incorrect processing of long pathnames by the Watch Folders feature. |
2 |
CVE-2012-2410 |
119 |
|
DoS Overflow |
2012-09-12 |
2017-08-28 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
Buffer overflow in RealNetworks RealPlayer before 15.0.6.14, RealPlayer SP 1.0 through 1.1.5, and Mac RealPlayer before 12.0.1.1750 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted RealMedia file, a different vulnerability than CVE-2012-2409. |
3 |
CVE-2012-2408 |
119 |
|
DoS Overflow Mem. Corr. |
2012-09-12 |
2017-08-28 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
The AAC SDK in RealNetworks RealPlayer before 15.0.6.14, RealPlayer SP 1.0 through 1.1.5, and Mac RealPlayer before 12.0.1.1750 allows remote attackers to cause a denial of service (heap memory corruption) or possibly have unspecified other impact via a crafted AAC file that is not properly handled during decoding. |
4 |
CVE-2012-1985 |
352 |
|
DoS CSRF |
2012-04-17 |
2017-12-28 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
Cross-site request forgery (CSRF) vulnerability in RealNetworks Helix Server and Helix Mobile Server 14.x before 14.3.x allows remote attackers to hijack the authentication of administrators for requests that cause a denial of service (stack consumption and daemon crash) via a malformed URL. |
5 |
CVE-2010-5228 |
|
|
+Priv |
2012-09-07 |
2012-09-07 |
6.9 |
None |
Local |
Medium |
Not required |
Complete |
Complete |
Complete |
Untrusted search path vulnerability in RealPlayer SP 1.1.5 12.0.0.879 allows local users to gain privileges via a Trojan horse rio500.dll file in the current working directory, as demonstrated by a directory that contains a .avi file. NOTE: some of these details are obtained from third party information. |
6 |
CVE-2004-0049 |
|
|
DoS |
2004-02-17 |
2008-09-05 |
6.8 |
None |
Remote |
Low |
Single system |
None |
None |
Complete |
Helix Universal Server/Proxy 9 and Mobile Server 10 allow remote attackers to cause a denial of service via certain HTTP POST messages to the Administration System port. |
Total number of vulnerabilities :
6
Page :
1
(This Page)