Realnetworks : Security Vulnerabilities (Overflow)

CVSS Scores Greater Than: 0 1 2 3 4 5 6 7 8 9

Sort Results By : CVE Number Descending CVE Number Ascending CVSS Score Descending Number Of Exploits Descending

#	CVE ID	CWE ID	# of Exploits	Vulnerability Type(s)	Publish Date	Update Date	Score	Gained Access Level	Access	Complexity	Authentication	Conf.	Integ.	Avail.
1	CVE-2014-3113	119		Exec Code Overflow	2014-07-07	2017-01-06	9.3	None	Remote	Medium	Not required	Complete	Complete	Complete
Multiple buffer overflows in RealNetworks RealPlayer before 17.0.10.8 allow remote attackers to execute arbitrary code via a malformed (1) elst or (2) stsz atom in an MP4 file.
2	CVE-2013-7260	119	1	Exec Code Overflow	2014-01-03	2017-08-28	7.5	None	Remote	Low	Not required	Partial	Partial	Partial
Multiple stack-based buffer overflows in RealNetworks RealPlayer before 17.0.4.61 on Windows, and Mac RealPlayer before 12.0.1.1738, allow remote attackers to execute arbitrary code via a long (1) version number or (2) encoding declaration in the XML declaration of an RMP file, a different issue than CVE-2013-6877.
3	CVE-2013-6877	119		Exec Code Overflow	2013-12-19	2016-12-30	9.3	None	Remote	Medium	Not required	Complete	Complete	Complete
Heap-based buffer overflow in RealNetworks RealPlayer before 17.0.4.61 on Windows, and Mac RealPlayer before 12.0.1.1738, allows remote attackers to execute arbitrary code via a long string in the TRACKID element of an RMP file, a different vulnerability than CVE-2013-7260.
4	CVE-2013-4974	119		DoS Exec Code Overflow Mem. Corr.	2013-08-26	2013-09-11	9.3	None	Remote	Medium	Not required	Complete	Complete	Complete
RealNetworks RealPlayer before 16.0.3.51, and RealPlayer SP 1.0 through 1.1.5, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a malformed RealMedia file.
5	CVE-2013-4973	119		Exec Code Overflow	2013-08-26	2013-09-11	9.3	None	Remote	Medium	Not required	Complete	Complete	Complete
Stack-based buffer overflow in RealNetworks RealPlayer before 16.0.3.51, and RealPlayer SP 1.0 through 1.1.5, allows remote attackers to execute arbitrary code via a crafted .rmp file.
6	CVE-2013-1750	119		Exec Code Overflow	2013-03-20	2013-03-21	9.3	None	Remote	Medium	Not required	Complete	Complete	Complete
Heap-based buffer overflow in RealNetworks RealPlayer before 16.0.1.18 and RealPlayer SP 1.0 through 1.1.5 allows remote attackers to execute arbitrary code via a malformed MP4 file.
7	CVE-2012-5691	119		Exec Code Overflow	2012-12-19	2012-12-19	9.3	None	Remote	Medium	Not required	Complete	Complete	Complete
Buffer overflow in RealNetworks RealPlayer before 16.0.0.282 and RealPlayer SP 1.0 through 1.1.5 allows remote attackers to execute arbitrary code via a crafted RealMedia file.
8	CVE-2012-4987	119	1	Exec Code Overflow	2012-11-04	2017-08-28	6.8	None	Remote	Medium	Not required	Partial	Partial	Partial
Stack-based buffer overflow in RealNetworks RealPlayer 15.0.5.109 allows user-assisted remote attackers to execute arbitrary code via a crafted ZIP file that triggers incorrect processing of long pathnames by the Watch Folders feature.
9	CVE-2012-2411	119		Exec Code Overflow	2012-05-18	2017-08-28	9.3	None	Remote	Medium	Not required	Complete	Complete	Complete
Buffer overflow in RealNetworks RealPlayer before 15.0.4.53, and RealPlayer SP 1.0 through 1.1.5, allows remote attackers to execute arbitrary code via a crafted RealJukebox Media file.
10	CVE-2012-2410	119		DoS Overflow	2012-09-12	2017-08-28	6.8	None	Remote	Medium	Not required	Partial	Partial	Partial
Buffer overflow in RealNetworks RealPlayer before 15.0.6.14, RealPlayer SP 1.0 through 1.1.5, and Mac RealPlayer before 12.0.1.1750 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted RealMedia file, a different vulnerability than CVE-2012-2409.
11	CVE-2012-2409	119		DoS Overflow	2012-09-12	2017-08-28	7.5	None	Remote	Low	Not required	Partial	Partial	Partial
Buffer overflow in RealNetworks RealPlayer before 15.0.6.14, RealPlayer SP 1.0 through 1.1.5, and Mac RealPlayer before 12.0.1.1750 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted RealMedia file, a different vulnerability than CVE-2012-2410.
12	CVE-2012-2408	119		DoS Overflow Mem. Corr.	2012-09-12	2017-08-28	6.8	None	Remote	Medium	Not required	Partial	Partial	Partial
The AAC SDK in RealNetworks RealPlayer before 15.0.6.14, RealPlayer SP 1.0 through 1.1.5, and Mac RealPlayer before 12.0.1.1750 allows remote attackers to cause a denial of service (heap memory corruption) or possibly have unspecified other impact via a crafted AAC file that is not properly handled during decoding.
13	CVE-2012-2407	119		DoS Overflow	2012-09-12	2017-08-28	7.5	None	Remote	Low	Not required	Partial	Partial	Partial
Buffer overflow in RealNetworks RealPlayer before 15.0.6.14, RealPlayer SP 1.0 through 1.1.5, and Mac RealPlayer before 12.0.1.1750 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted AAC file that is not properly handled during stream-data unpacking.
14	CVE-2012-1904	119	1	DoS Overflow Mem. Corr.	2012-03-28	2012-08-24	4.3	None	Remote	Medium	Not required	None	None	Partial
mp4fformat.dll in the QuickTime File Format plugin in RealNetworks RealPlayer 15 and earlier, and RealPlayer SP 1.1.4 Build 12.0.0.756 and earlier, allows remote attackers to cause a denial of service (memory corruption and application crash) via a crafted MP4 file.
15	CVE-2012-0942	119		Exec Code Overflow	2012-04-17	2017-12-28	7.5	None	Remote	Low	Not required	Partial	Partial	Partial
Buffer overflow in rn5auth.dll in RealNetworks Helix Server and Helix Mobile Server 14.x before 14.3.x allows remote attackers to execute arbitrary code via crafted authentication credentials.
16	CVE-2011-4261	119		DoS Exec Code Overflow Mem. Corr.	2011-11-24	2012-03-08	9.3	None	Remote	Medium	Not required	Complete	Complete	Complete
RealNetworks RealPlayer before 15.0.0 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via crafted video dimensions in an MP4 file.
17	CVE-2011-4246	119		DoS Exec Code Overflow Mem. Corr.	2011-11-24	2011-11-24	10.0	None	Remote	Low	Not required	Complete	Complete	Complete
The AAC codec in RealNetworks RealPlayer before 15.0.0 and Mac RealPlayer before 12.0.0.1703 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.
18	CVE-2011-4245	119		DoS Exec Code Overflow Mem. Corr.	2011-11-24	2012-03-08	10.0	None	Remote	Low	Not required	Complete	Complete	Complete
The RealVideo renderer in RealNetworks RealPlayer before 15.0.0 and Mac RealPlayer before 12.0.0.1703 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.
19	CVE-2011-4244	119		Exec Code Overflow	2011-11-24	2012-03-08	10.0	None	Remote	Low	Not required	Complete	Complete	Complete
Heap-based buffer overflow in the RealVideo renderer in RealNetworks RealPlayer before 15.0.0 allows remote attackers to execute arbitrary code via unspecified vectors.
20	CVE-2011-2953	119		Exec Code Overflow	2011-08-18	2011-10-05	10.0	None	Remote	Low	Not required	Complete	Complete	Complete
An unspecified ActiveX control in the browser plugin in RealNetworks RealPlayer 11.0 through 11.1 and 14.0.0 through 14.0.5, RealPlayer SP 1.0 through 1.1.5, and RealPlayer Enterprise 2.0 through 2.1.5 allows remote attackers to execute arbitrary code via unknown vectors, related to an out-of-bounds condition.
21	CVE-2011-2951	119		Exec Code Overflow	2011-08-18	2011-10-05	9.3	None	Remote	Medium	Not required	Complete	Complete	Complete
Buffer overflow in RealNetworks RealPlayer 11.0 through 11.1 and 14.0.0 through 14.0.5, RealPlayer SP 1.0 through 1.1.5, and Mac RealPlayer 12.0.0.1569 allows remote attackers to execute arbitrary code via a crafted raw_data_frame field in an AAC file.
22	CVE-2011-2950	119		Exec Code Overflow	2011-08-18	2012-02-13	9.3	None	Remote	Medium	Not required	Complete	Complete	Complete
Heap-based buffer overflow in qcpfformat.dll in RealNetworks RealPlayer 11.0 through 11.1 and 14.0.0 through 14.0.5 and RealPlayer SP 1.0 through 1.1.5 allows remote attackers to execute arbitrary code via a crafted QCP file.
23	CVE-2011-2949	119		Exec Code Overflow	2011-08-18	2011-10-05	9.3	None	Remote	Medium	Not required	Complete	Complete	Complete
Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through 11.1 and 14.0.0 through 14.0.5, RealPlayer SP 1.0 through 1.1.5, and RealPlayer Enterprise 2.0 through 2.1.5 allows remote attackers to execute arbitrary code via crafted ID3v2 tags in an MP3 file.
24	CVE-2011-2948	119		DoS Exec Code Overflow Mem. Corr.	2011-08-18	2011-10-05	9.3	None	Remote	Medium	Not required	Complete	Complete	Complete
RealNetworks RealPlayer 11.0 through 11.1 and 14.0.0 through 14.0.5, RealPlayer SP 1.0 through 1.1.5, RealPlayer Enterprise 2.0 through 2.1.5, and Mac RealPlayer 12.0.0.1569 do not properly handle DEFINEFONT fields in SWF files, which allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a crafted file.
25	CVE-2011-2945	119		Exec Code Overflow	2011-08-18	2011-10-05	9.3	None	Remote	Medium	Not required	Complete	Complete	Complete
Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through 11.1 and 14.0.0 through 14.0.5 and RealPlayer SP 1.0 through 1.1.5 allows remote attackers to execute arbitrary code via a crafted SIPR stream.
26	CVE-2011-1525	119	1	Exec Code Overflow	2011-04-06	2017-08-16	9.3	None	Remote	Medium	Not required	Complete	Complete	Complete
Heap-based buffer overflow in rvrender.dll in RealNetworks RealPlayer 11.0 through 11.1 and 14.0.0 through 14.0.2, and RealPlayer SP 1.0 through 1.1.5, allows remote attackers to execute arbitrary code via a crafted frame in an Internet Video Recording (IVR) file.
27	CVE-2010-4596	119		Exec Code Overflow	2011-04-04	2011-04-06	9.3	None	Remote	Medium	Not required	Complete	Complete	Complete
Stack-based buffer overflow in RealNetworks Helix Server 12.x, 13.x, and 14.x before 14.2, and Helix Mobile Server 12.x, 13.x, and 14.x before 14.2, allows remote attackers to execute arbitrary code via a long string in an RTSP request.
28	CVE-2010-4397	189		Exec Code Overflow	2010-12-14	2011-01-19	9.3	None	Remote	Medium	Not required	Complete	Complete	Complete
Integer overflow in the pnen3260.dll module in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.1, Mac RealPlayer 11.0 through 11.1, and Linux RealPlayer 11.0.2.1744 allows remote attackers to execute arbitrary code via a crafted TIT2 atom in an AAC file.
29	CVE-2010-4395	119		Exec Code Overflow	2010-12-14	2011-01-19	9.3	None	Remote	Medium	Not required	Complete	Complete	Complete
Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.5, and Linux RealPlayer 11.0.2.1744 allows remote attackers to execute arbitrary code via a crafted conditional component in AAC frame data.
30	CVE-2010-4394	119		Exec Code Overflow	2010-12-14	2011-01-19	9.3	None	Remote	Medium	Not required	Complete	Complete	Complete
Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through 11.1 and RealPlayer SP 1.0 through 1.1.5 allows remote web servers to execute arbitrary code via a long Server header in a response to an HTTP request that occurs during parsing of a RealPix file.
31	CVE-2010-4393	119		Exec Code Overflow	2011-01-31	2017-08-16	9.3	None	Remote	Medium	Not required	Complete	Complete	Complete
Heap-based buffer overflow in vidplin.dll in RealNetworks RealPlayer 11.0 through 11.1 and 14.0.x before 14.0.2, and RealPlayer SP 1.0 through 1.1.5, allows remote attackers to execute arbitrary code via a crafted header in an AVI file.
32	CVE-2010-4392	119		Exec Code Overflow	2010-12-14	2011-01-26	9.3	None	Remote	Medium	Not required	Complete	Complete	Complete
Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.5, RealPlayer Enterprise 2.1.2 and 2.1.3, Linux RealPlayer 11.0.2.1744, and possibly HelixPlayer 1.0.6 and other versions, allows remote attackers to execute arbitrary code via crafted ImageMap data in a RealMedia file, related to certain improper integer calculations.
33	CVE-2010-4391	119		Exec Code Overflow	2010-12-14	2011-01-19	9.3	None	Remote	Medium	Not required	Complete	Complete	Complete
Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.5, and RealPlayer Enterprise 2.1.2 and 2.1.3 allows remote attackers to execute arbitrary code via a crafted value in an unspecified header field in an RMX file.
34	CVE-2010-4390	119		Overflow	2010-12-14	2011-01-19	9.3	None	Remote	Medium	Not required	Complete	Complete	Complete
Multiple heap-based buffer overflows in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.5, and Linux RealPlayer 11.0.2.1744 allow remote attackers to have an unspecified impact via a crafted header in an IVR file.
35	CVE-2010-4389	119		Exec Code Overflow	2010-12-14	2011-01-19	9.3	None	Remote	Medium	Not required	Complete	Complete	Complete
Heap-based buffer overflow in the cook codec in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.5, and Linux RealPlayer 11.0.2.1744 allows remote attackers to execute arbitrary code via unspecified data in the initialization buffer.
36	CVE-2010-4387	119		DoS Exec Code Overflow Mem. Corr.	2010-12-14	2011-01-19	9.3	None	Remote	Medium	Not required	Complete	Complete	Complete
The RealAudio codec in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.4, Mac RealPlayer 11.0 through 12.0.0.1444, and Linux RealPlayer 11.0.2.1744 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a crafted audio stream in a RealMedia file.
37	CVE-2010-4386	119		DoS Exec Code Overflow Mem. Corr.	2010-12-14	2011-01-26	9.3	None	Remote	Medium	Not required	Complete	Complete	Complete
RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.4, Linux RealPlayer 11.0.2.1744, and possibly HelixPlayer 1.0.6 and other versions, allow remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a crafted RealMedia video file.
38	CVE-2010-4385	189		Overflow	2010-12-14	2011-01-26	9.3	None	Remote	Medium	Not required	Complete	Complete	Complete
Integer overflow in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.4, RealPlayer Enterprise 2.1.2, Linux RealPlayer 11.0.2.1744, and possibly HelixPlayer 1.0.6 and other versions, allows remote attackers to have an unspecified impact via crafted frame dimensions in an SIPR stream.
39	CVE-2010-4383	119		Overflow	2010-12-14	2011-01-26	9.3	None	Remote	Medium	Not required	Complete	Complete	Complete
Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.4, RealPlayer Enterprise 2.1.2, Mac RealPlayer 11.0 through 12.0.0.1444, Linux RealPlayer 11.0.2.1744, and possibly HelixPlayer 1.0.6 and other versions, allows remote attackers to have an unspecified impact via a crafted RA5 file.
40	CVE-2010-4382	119		Overflow	2010-12-14	2011-01-26	9.3	None	Remote	Medium	Not required	Complete	Complete	Complete
Multiple heap-based buffer overflows in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.4, RealPlayer Enterprise 2.1.2, Linux RealPlayer 11.0.2.1744, and possibly HelixPlayer 1.0.6 and other versions, allow remote attackers to have an unspecified impact via a crafted RealMedia file.
41	CVE-2010-4381	119		Overflow	2010-12-14	2011-01-19	9.3	None	Remote	Medium	Not required	Complete	Complete	Complete
Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.4, RealPlayer Enterprise 2.1.2, and Mac RealPlayer 11.0 through 12.0.0.1444 allows remote attackers to have an unspecified impact via a crafted AAC file.
42	CVE-2010-4380	119		Overflow	2010-12-14	2011-01-19	9.3	None	Remote	Medium	Not required	Complete	Complete	Complete
Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.4, and RealPlayer Enterprise 2.1.2 allows remote attackers to have an unspecified impact via a crafted SOUND file.
43	CVE-2010-4379	119		Overflow	2010-12-14	2011-01-26	9.3	None	Remote	Medium	Not required	Complete	Complete	Complete
Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.4, RealPlayer Enterprise 2.1.2, Mac RealPlayer 11.0 through 11.1, Linux RealPlayer 11.0.2.1744, and possibly HelixPlayer 1.0.6 and other versions, allows remote attackers to have an unspecified impact via a crafted SIPR file.
44	CVE-2010-4378	119		DoS Exec Code Overflow Mem. Corr.	2010-12-14	2011-01-26	9.3	None	Remote	Medium	Not required	Complete	Complete	Complete
The drv2.dll (aka RV20 decompression) module in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.5, RealPlayer Enterprise 2.1.2 and 2.1.3, Linux RealPlayer 11.0.2.1744, and possibly HelixPlayer 1.0.6 and other versions, allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a crafted value of an unspecified length field in an RV20 video stream.
45	CVE-2010-4377	119		Exec Code Overflow	2010-12-14	2011-01-19	9.3	None	Remote	Medium	Not required	Complete	Complete	Complete
Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.5, Mac RealPlayer 11.0 through 12.0.0.1444, and Linux RealPlayer 11.0.2.1744 allows remote attackers to execute arbitrary code by specifying many subbands in cook audio codec information in a Real Audio file.
46	CVE-2010-4376	119		Exec Code Overflow	2010-12-14	2011-01-19	9.3	None	Remote	Medium	Not required	Complete	Complete	Complete
Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.1, Mac RealPlayer 11.0 through 11.1, and Linux RealPlayer 11.0.2.1744 allows remote attackers to execute arbitrary code via a large Screen Width value in the Screen Descriptor header of a GIF87a file in an RTSP stream.
47	CVE-2010-4375	119		Exec Code Overflow	2010-12-14	2011-01-26	9.3	None	Remote	Medium	Not required	Complete	Complete	Complete
Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through 11.1, Mac RealPlayer 11.0 through 11.1, Linux RealPlayer 11.0.2.1744, and possibly HelixPlayer 1.0.6 and other versions, allows remote attackers to execute arbitrary code via malformed multi-rate data in an audio stream.
48	CVE-2010-3751	119		Exec Code Overflow	2010-10-18	2010-10-19	9.3	None	Remote	Medium	Not required	Complete	Complete	Complete
Multiple heap-based buffer overflows in an ActiveX control in RealNetworks RealPlayer 11.0 through 11.1 and RealPlayer SP 1.0 through 1.1.4 allow remote attackers to execute arbitrary code via a long .smil argument to the (1) tfile, (2) pnmm, or (3) cdda protocol handler.
49	CVE-2010-3748	119		Overflow	2010-10-18	2010-10-19	10.0	None	Remote	Low	Not required	Complete	Complete	Complete
Stack-based buffer overflow in the RichFX component in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.4, and RealPlayer Enterprise 2.1.2 allows remote attackers to have an unspecified impact via unknown vectors.
50	CVE-2010-3747	119		DoS Exec Code Overflow	2010-10-18	2011-09-21	9.3	None	Remote	Medium	Not required	Complete	Complete	Complete
An ActiveX control in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.4, and RealPlayer Enterprise 2.1.2 does not properly initialize an unspecified object component during parsing of a CDDA URI, which allows remote attackers to execute arbitrary code or cause a denial of service (uninitialized pointer dereference and application crash) via a long URI.

Total number of vulnerabilities : 110 Page : 1 (This Page)2 3