Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Realone_player
(Realnetworks)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 37 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2003-10-20 | CVE-2003-0726 | RealOne player allows remote attackers to execute arbitrary script in the "My Computer" zone via a SMIL presentation with a URL that references a scripting protocol, which is executed in the security context of the previously loaded URL, as demonstrated using a "javascript:" URL in the area tag. | Realone_desktop_manager, Realone_enterprise_desktop, Realone_player | N/A | ||
| 2004-12-31 | CVE-2004-1481 | Integer overflow in pnen3260.dll in RealPlayer 8 through 10.5 (6.0.12.1040) and earlier, and RealOne Player 1 or 2 on Windows or Mac OS, allows remote attackers to execute arbitrary code via a SMIL file and a .rm movie file with a large length field for the data chunk, which leads to a heap-based buffer overflow. | Helix_player, Realone_player, Realplayer | N/A | ||
| 2004-12-31 | CVE-2004-1416 | pnxr3260.dll in the RealOne 2.0 build 6.0.11.868 browser plugin, as used in Internet Explorer, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted embed tag. | Internet_explorer, Realone_player | N/A | ||
| 2018-07-03 | CVE-2018-13121 | RealOne Player 2.0 Build 6.0.11.872 allows remote attackers to cause a denial of service (array out-of-bounds access and application crash) via a crafted .aiff file. | Realone_player | 5.5 | ||
| 2007-10-31 | CVE-2007-5081 | Heap-based buffer overflow in RealNetworks RealPlayer 8, 10, 10.1, and possibly 10.5; RealOne Player 1 and 2; and RealPlayer Enterprise allows remote attackers to execute arbitrary code via a crafted RM file. | Realone_player, Realplayer, Realplayer_enterprise | N/A | ||
| 2007-10-31 | CVE-2007-5080 | Integer overflow in RealNetworks RealPlayer 10 and 10.5, RealOne Player 1, and RealPlayer Enterprise for Windows allows remote attackers to execute arbitrary code via a crafted Lyrics3 2.00 tag in an MP3 file, resulting in a heap-based buffer overflow. | Realone_player, Realplayer, Realplayer_enterprise | N/A | ||
| 2007-10-31 | CVE-2007-4599 | Stack-based buffer overflow in RealNetworks RealPlayer 10 and possibly 10.5, and RealOne Player 1 and 2, for Windows allows remote attackers to execute arbitrary code via a crafted playlist (PLS) file. | Realone_player, Realplayer | N/A |