Search Results (218 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2012-0942 1 Realnetworks 2 Helix Mobile Server, Helix Server 2025-04-11 N/A
Buffer overflow in rn5auth.dll in RealNetworks Helix Server and Helix Mobile Server 14.x before 14.3.x allows remote attackers to execute arbitrary code via crafted authentication credentials.
CVE-2012-1904 1 Realnetworks 2 Realplayer, Realplayer Sp 2025-04-11 N/A
mp4fformat.dll in the QuickTime File Format plugin in RealNetworks RealPlayer 15 and earlier, and RealPlayer SP 1.1.4 Build 12.0.0.756 and earlier, allows remote attackers to cause a denial of service (memory corruption and application crash) via a crafted MP4 file.
CVE-2012-2268 1 Realnetworks 2 Helix Mobile Server, Helix Server 2025-04-11 N/A
master.exe in the SNMP Master Agent in RealNetworks Helix Server and Helix Mobile Server 14.x before 14.3.x allows remote attackers to cause a denial of service (unhandled exception and daemon crash) via a crafted Open-PDU request that triggers incorrect DisplayString processing, a different vulnerability than CVE-2012-1923.
CVE-2012-2407 1 Realnetworks 2 Realplayer, Realplayer Sp 2025-04-11 N/A
Buffer overflow in RealNetworks RealPlayer before 15.0.6.14, RealPlayer SP 1.0 through 1.1.5, and Mac RealPlayer before 12.0.1.1750 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted AAC file that is not properly handled during stream-data unpacking.
CVE-2012-2409 1 Realnetworks 2 Realplayer, Realplayer Sp 2025-04-11 N/A
Buffer overflow in RealNetworks RealPlayer before 15.0.6.14, RealPlayer SP 1.0 through 1.1.5, and Mac RealPlayer before 12.0.1.1750 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted RealMedia file, a different vulnerability than CVE-2012-2410.
CVE-2013-3299 1 Realnetworks 1 Realplayer 2025-04-11 N/A
RealNetworks RealPlayer 16.0.2.32 and earlier allows remote attackers to cause a denial of service (resource consumption or application crash) via an HTML document containing JavaScript code that constructs a long string.
CVE-2010-3750 1 Realnetworks 2 Realplayer, Realplayer Sp 2025-04-11 N/A
rjrmrpln.dll in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.4, and RealPlayer Enterprise 2.1.2 does not properly validate file contents that are used during interaction with a heap buffer, which allows remote attackers to execute arbitrary code via crafted Name Value Property (NVP) elements in logical streams in a media file.
CVE-2013-4973 1 Realnetworks 2 Realplayer, Realplayer Sp 2025-04-11 N/A
Stack-based buffer overflow in RealNetworks RealPlayer before 16.0.3.51, and RealPlayer SP 1.0 through 1.1.5, allows remote attackers to execute arbitrary code via a crafted .rmp file.
CVE-2013-7260 1 Realnetworks 1 Realplayer 2025-04-11 N/A
Multiple stack-based buffer overflows in RealNetworks RealPlayer before 17.0.4.61 on Windows, and Mac RealPlayer before 12.0.1.1738, allow remote attackers to execute arbitrary code via a long (1) version number or (2) encoding declaration in the XML declaration of an RMP file, a different issue than CVE-2013-6877.
CVE-2010-4377 3 Apple, Linux, Realnetworks 4 Mac Os X, Linux Kernel, Realplayer and 1 more 2025-04-11 N/A
Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.5, Mac RealPlayer 11.0 through 12.0.0.1444, and Linux RealPlayer 11.0.2.1744 allows remote attackers to execute arbitrary code by specifying many subbands in cook audio codec information in a Real Audio file.
CVE-2010-4596 1 Realnetworks 2 Helix Mobile Server, Helix Server 2025-04-11 N/A
Stack-based buffer overflow in RealNetworks Helix Server 12.x, 13.x, and 14.x before 14.2, and Helix Mobile Server 12.x, 13.x, and 14.x before 14.2, allows remote attackers to execute arbitrary code via a long string in an RTSP request.
CVE-2010-2996 2 Microsoft, Realnetworks 2 Windows, Realplayer 2025-04-11 N/A
Array index error in RealNetworks RealPlayer 11.0 through 11.1 on Windows allows remote attackers to execute arbitrary code via a malformed header in a RealMedia .IVR file.
CVE-2010-3001 2 Microsoft, Realnetworks 3 Windows, Realplayer, Realplayer Sp 2025-04-11 N/A
Unspecified vulnerability in an ActiveX control in the Internet Explorer (IE) plugin in RealNetworks RealPlayer 11.0 through 11.1 and RealPlayer SP 1.0 through 1.1.4 on Windows has unknown impact and attack vectors related to "multiple browser windows."
CVE-2010-3002 2 Microsoft, Realnetworks 2 Windows, Realplayer 2025-04-11 N/A
Unspecified vulnerability in RealNetworks RealPlayer 11.0 through 11.1 allows attackers to bypass intended access restrictions on files via unknown vectors.
CVE-2013-1750 1 Realnetworks 2 Realplayer, Realplayer Sp 2025-04-11 N/A
Heap-based buffer overflow in RealNetworks RealPlayer before 16.0.1.18 and RealPlayer SP 1.0 through 1.1.5 allows remote attackers to execute arbitrary code via a malformed MP4 file.
CVE-2012-2267 1 Realnetworks 2 Helix Mobile Server, Helix Server 2025-04-11 N/A
master.exe in the SNMP Master Agent in RealNetworks Helix Server and Helix Mobile Server 14.x before 14.3.x allows remote attackers to cause a denial of service (daemon crash) by establishing and closing a port-705 TCP connection, a different vulnerability than CVE-2012-1923.
CVE-2012-2408 1 Realnetworks 2 Realplayer, Realplayer Sp 2025-04-11 N/A
The AAC SDK in RealNetworks RealPlayer before 15.0.6.14, RealPlayer SP 1.0 through 1.1.5, and Mac RealPlayer before 12.0.1.1750 allows remote attackers to cause a denial of service (heap memory corruption) or possibly have unspecified other impact via a crafted AAC file that is not properly handled during decoding.
CVE-2010-0120 2 Microsoft, Realnetworks 3 Windows, Realplayer, Realplayer Sp 2025-04-11 N/A
Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through 11.1 and RealPlayer SP 1.0 through 1.1.4 on Windows allows remote attackers to execute arbitrary code via large size values in QCP audio content.
CVE-2010-0416 2 Realnetworks, Redhat 3 Helix Player, Realplayer, Enterprise Linux 2025-04-11 N/A
Buffer overflow in the Unescape function in common/util/hxurl.cpp and player/hxclientkit/src/CHXClientSink.cpp in Helix Player 1.0.6 and RealPlayer allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a URL argument containing a % (percent) character that is not followed by two hex digits.
CVE-2011-1426 1 Realnetworks 2 Realplayer, Realplayer Sp 2025-04-11 N/A
The OpenURLInDefaultBrowser method in RealNetworks RealPlayer 11.0 through 11.1 and 14.0.0 through 14.0.2, and RealPlayer SP 1.0 through 1.1.5, launches a default handler for the filename specified in the first argument, which allows remote attackers to execute arbitrary code via a .rnx filename corresponding to a crafted RNX file.