Realnetworks » Realplayer » 14.0.2 : Security Vulnerabilities, CVEs, Published In 2014 (Code Execution)
The GetGUID function in codecs/dmp4.dll in RealNetworks RealPlayer 16.0.3.51 and earlier allows remote attackers to execute arbitrary code or cause a denial of service (write access violation and application crash) via a malformed .3gp file.
Max CVSS
9.3
EPSS Score
3.12%
Published
2014-05-20
Updated
2014-05-20
Multiple buffer overflows in RealNetworks RealPlayer before 17.0.10.8 allow remote attackers to execute arbitrary code via a malformed (1) elst or (2) stsz atom in an MP4 file.
Max CVSS
9.3
EPSS Score
3.68%
Published
2014-07-07
Updated
2017-01-07
CVE-2013-7260
Public exploit
Multiple stack-based buffer overflows in RealNetworks RealPlayer before 17.0.4.61 on Windows, and Mac RealPlayer before 12.0.1.1738, allow remote attackers to execute arbitrary code via a long (1) version number or (2) encoding declaration in the XML declaration of an RMP file, a different issue than CVE-2013-6877.
Max CVSS
7.5
EPSS Score
96.39%
Published
2014-01-03
Updated
2020-05-11
3 vulnerabilities found