Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Realone_player
(Realnetworks)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 37 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2003-10-20 | CVE-2003-0726 | RealOne player allows remote attackers to execute arbitrary script in the "My Computer" zone via a SMIL presentation with a URL that references a scripting protocol, which is executed in the security context of the previously loaded URL, as demonstrated using a "javascript:" URL in the area tag. | Realone_desktop_manager, Realone_enterprise_desktop, Realone_player | N/A | ||
| 2004-12-31 | CVE-2004-1481 | Integer overflow in pnen3260.dll in RealPlayer 8 through 10.5 (6.0.12.1040) and earlier, and RealOne Player 1 or 2 on Windows or Mac OS, allows remote attackers to execute arbitrary code via a SMIL file and a .rm movie file with a large length field for the data chunk, which leads to a heap-based buffer overflow. | Helix_player, Realone_player, Realplayer | N/A | ||
| 2004-12-31 | CVE-2004-1416 | pnxr3260.dll in the RealOne 2.0 build 6.0.11.868 browser plugin, as used in Internet Explorer, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted embed tag. | Internet_explorer, Realone_player | N/A | ||
| 2018-07-03 | CVE-2018-13121 | RealOne Player 2.0 Build 6.0.11.872 allows remote attackers to cause a denial of service (array out-of-bounds access and application crash) via a crafted .aiff file. | Realone_player | 5.5 | ||
| 2007-10-31 | CVE-2007-5081 | Heap-based buffer overflow in RealNetworks RealPlayer 8, 10, 10.1, and possibly 10.5; RealOne Player 1 and 2; and RealPlayer Enterprise allows remote attackers to execute arbitrary code via a crafted RM file. | Realone_player, Realplayer, Realplayer_enterprise | N/A | ||
| 2007-10-31 | CVE-2007-5080 | Integer overflow in RealNetworks RealPlayer 10 and 10.5, RealOne Player 1, and RealPlayer Enterprise for Windows allows remote attackers to execute arbitrary code via a crafted Lyrics3 2.00 tag in an MP3 file, resulting in a heap-based buffer overflow. | Realone_player, Realplayer, Realplayer_enterprise | N/A | ||
| 2007-10-31 | CVE-2007-4599 | Stack-based buffer overflow in RealNetworks RealPlayer 10 and possibly 10.5, and RealOne Player 1 and 2, for Windows allows remote attackers to execute arbitrary code via a crafted playlist (PLS) file. | Realone_player, Realplayer | N/A | ||
| 2007-06-26 | CVE-2007-3410 | Stack-based buffer overflow in the SmilTimeValue::parseWallClockValue function in smlprstime.cpp in RealNetworks RealPlayer 10, 10.1, and possibly 10.5, RealOne Player, RealPlayer Enterprise, and Helix Player 10.5-GOLD and 10.0.5 through 10.0.8, allows remote attackers to execute arbitrary code via an SMIL (SMIL2) file with a long wallclock value. | Helix_player, Realone_player, Realplayer, Realplayer_enterprise | N/A | ||
| 2007-10-31 | CVE-2007-2264 | Heap-based buffer overflow in RealNetworks RealPlayer 8, 10, 10.1, and possibly 10.5; RealOne Player 1 and 2; and RealPlayer Enterprise allows remote attackers to execute arbitrary code via a RAM (.ra or .ram) file with a large size value in the RA header. | Realone_player, Realplayer, Realplayer_enterprise | N/A | ||
| 2007-10-31 | CVE-2007-2263 | Heap-based buffer overflow in RealNetworks RealPlayer 10.0, 10.1, and possibly 10.5, RealOne Player, and RealPlayer Enterprise allows remote attackers to execute arbitrary code via an SWF (Flash) file with malformed record headers. | Realone_player, Realplayer, Realplayer_enterprise | N/A |