Realnetworks Realplayer vulnerabilities
167 known vulnerabilities affecting realnetworks/realplayer.
Total CVEs
167
CISA KEV
0
Public exploits
24
Exploited in wild
1
Severity breakdown
CRITICAL118HIGH13MEDIUM32LOW4
Vulnerabilities
Page 3 of 9
CVE-2012-0925P3CRITICALCVSS 9.3v14.0.0v14.0.1+21 more2012-02-08
CVE-2012-0925 [CRITICAL] CWE-94 CVE-2012-0925: Unspecified vulnerability in the RV40 codec in RealNetworks RealPlayer 11.x, 14.x, and 15.x before 1
Unspecified vulnerability in the RV40 codec in RealNetworks RealPlayer 11.x, 14.x, and 15.x before 15.02.71, and RealPlayer SP 1.0 through 1.1.5, allows remote attackers to execute arbitrary code via a crafted RV40 RealVideo video stream.
nvd
CVE-2010-3751P3CRITICALCVSS 9.3v11.0v11.0.1+5 more2010-10-19
CVE-2010-3751 [CRITICAL] CWE-119 CVE-2010-3751: Multiple heap-based buffer overflows in an ActiveX control in RealNetworks RealPlayer 11.0 through 1
Multiple heap-based buffer overflows in an ActiveX control in RealNetworks RealPlayer 11.0 through 11.1 and RealPlayer SP 1.0 through 1.1.4 allow remote attackers to execute arbitrary code via a long .smil argument to the (1) tfile, (2) pnmm, or (3) cdda protocol handler.
nvd
CVE-2010-4392P3CRITICALCVSS 9.3v11.0v11.0.1+8 more2010-12-14
CVE-2010-4392 [CRITICAL] CWE-119 CVE-2010-4392: Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1
Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.5, RealPlayer Enterprise 2.1.2 and 2.1.3, Linux RealPlayer 11.0.2.1744, and possibly HelixPlayer 1.0.6 and other versions, allows remote attackers to execute arbitrary code via crafted ImageMap data in a RealMedia file, related to certain improper
nvd
CVE-2010-4376P3CRITICALCVSS 9.3v11.0v11.0.1+6 more2010-12-14
CVE-2010-4376 [CRITICAL] CWE-119 CVE-2010-4376: Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1
Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.1, Mac RealPlayer 11.0 through 11.1, and Linux RealPlayer 11.0.2.1744 allows remote attackers to execute arbitrary code via a large Screen Width value in the Screen Descriptor header of a GIF87a file in an RTSP stream.
nvd
CVE-2010-2998P3CRITICALCVSS 9.3v11.0v11.0.1+5 more2010-10-19
CVE-2010-2998 [CRITICAL] CWE-20 CVE-2010-2998: Array index error in RealNetworks RealPlayer 11.0 through 11.1 and RealPlayer SP 1.0 through 1.0.1 a
Array index error in RealNetworks RealPlayer 11.0 through 11.1 and RealPlayer SP 1.0 through 1.0.1 allows remote attackers to execute arbitrary code via malformed sample data in a RealMedia .IVR file, related to a "malformed IVR pointer index" issue.
nvd
CVE-2010-0120P3CRITICALCVSS 9.3v11.0v11.12010-08-30
CVE-2010-0120 [CRITICAL] CWE-119 CVE-2010-0120: Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through 11.1 and RealPlayer SP 1.0 throug
Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through 11.1 and RealPlayer SP 1.0 through 1.1.4 on Windows allows remote attackers to execute arbitrary code via large size values in QCP audio content.
nvd
CVE-2011-4254P3CRITICALCVSS 10.0≤ 14.0.7v4+28 more2011-11-24
CVE-2011-4254 [CRITICAL] CWE-94 CVE-2011-4254: RealNetworks RealPlayer before 15.0.0 allows remote attackers to execute arbitrary code via a crafte
RealNetworks RealPlayer before 15.0.0 allows remote attackers to execute arbitrary code via a crafted RTSP SETUP request.
nvd
CVE-2016-9018P4MEDIUMCVSS 5.5PoCv18.1.5.7052016-10-28
CVE-2016-9018 [MEDIUM] CWE-476 CVE-2016-9018: Improper handling of a repeating VRAT chunk in qcpfformat.dll allows attackers to cause a Null point
Improper handling of a repeating VRAT chunk in qcpfformat.dll allows attackers to cause a Null pointer dereference and crash in RealNetworks RealPlayer 18.1.5.705 through a crafted .QCP media file.
nvd
CVE-2009-0376P3CRITICALCVSS 9.3v112009-02-08
CVE-2009-0376 [CRITICAL] CWE-119 CVE-2009-0376: Heap-based buffer overflow in a DLL file in RealNetworks RealPlayer 10, RealPlayer 10.5 6.0.12.1040
Heap-based buffer overflow in a DLL file in RealNetworks RealPlayer 10, RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741, RealPlayer 11 11.0.0 through 11.0.4, RealPlayer Enterprise, Mac RealPlayer 10 and 10.1, Linux RealPlayer 10, and Helix Player 10.x allows remote attackers to execute arbitrary code via a crafted Internet Video Recording (IVR) file
nvd
CVE-2009-4247P3CRITICALCVSS 9.3v10.0v10.5+8 more2010-01-25
CVE-2009-4247 [CRITICAL] CWE-119 CVE-2009-4247: Stack-based buffer overflow in protocol/rtsp/rtspclnt.cpp in RealNetworks RealPlayer 10; RealPlayer
Stack-based buffer overflow in protocol/rtsp/rtspclnt.cpp in RealNetworks RealPlayer 10; RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741; RealPlayer 11 11.0.x; RealPlayer SP 1.0.0 and 1.0.1; RealPlayer Enterprise; Mac RealPlayer 10, 10.1, 11.0, and 11.0.1; Linux RealPlayer 10, 11.0.0, and 11.0.1; and Helix Player 10.x, 11.0.0, and 11.0.1 allows remot
nvd
CVE-2010-4389P3CRITICALCVSS 9.3v11.0v11.0.1+6 more2010-12-14
CVE-2010-4389 [CRITICAL] CWE-119 CVE-2010-4389: Heap-based buffer overflow in the cook codec in RealNetworks RealPlayer 11.0 through 11.1, RealPlaye
Heap-based buffer overflow in the cook codec in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.5, and Linux RealPlayer 11.0.2.1744 allows remote attackers to execute arbitrary code via unspecified data in the initialization buffer.
nvd
CVE-2010-4375P3CRITICALCVSS 9.3v11.0v11.0.1+6 more2010-12-14
CVE-2010-4375 [CRITICAL] CWE-119 CVE-2010-4375: Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through 11.1, Mac RealPlayer 11.0 through
Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through 11.1, Mac RealPlayer 11.0 through 11.1, Linux RealPlayer 11.0.2.1744, and possibly HelixPlayer 1.0.6 and other versions, allows remote attackers to execute arbitrary code via malformed multi-rate data in an audio stream.
nvd
CVE-2011-2949P3CRITICALCVSS 9.3v11.0v11.1+11 more2011-08-18
CVE-2011-2949 [CRITICAL] CWE-119 CVE-2011-2949: Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through 11.1 and 14.0.0 through 14.0.5, R
Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through 11.1 and 14.0.0 through 14.0.5, RealPlayer SP 1.0 through 1.1.5, and RealPlayer Enterprise 2.0 through 2.1.5 allows remote attackers to execute arbitrary code via crafted ID3v2 tags in an MP3 file.
nvd
CVE-2012-0922P3CRITICALCVSS 9.3v14.0.0v14.0.1+21 more2012-02-08
CVE-2012-0922 [CRITICAL] CWE-94 CVE-2012-0922: rvrender.dll in RealNetworks RealPlayer 11.x, 14.x, and 15.x before 15.02.71, and RealPlayer SP 1.0
rvrender.dll in RealNetworks RealPlayer 11.x, 14.x, and 15.x before 15.02.71, and RealPlayer SP 1.0 through 1.1.5, allows remote attackers to execute arbitrary code via crafted flags in an RMFF file.
nvd
CVE-2012-5690P3CRITICALCVSS 9.3≤ 16.0.0v4+32 more2012-12-19
CVE-2012-5690 [CRITICAL] CWE-94 CVE-2012-5690: RealNetworks RealPlayer before 16.0.0.282 and RealPlayer SP 1.0 through 1.1.5 allow remote attackers
RealNetworks RealPlayer before 16.0.0.282 and RealPlayer SP 1.0 through 1.1.5 allow remote attackers to execute arbitrary code via a RealAudio file that triggers access to an invalid pointer.
nvd
CVE-2010-4393P3CRITICALCVSS 9.3v11.0v11.1+2 more2011-01-31
CVE-2010-4393 [CRITICAL] CWE-119 CVE-2010-4393: Heap-based buffer overflow in vidplin.dll in RealNetworks RealPlayer 11.0 through 11.1 and 14.0.x be
Heap-based buffer overflow in vidplin.dll in RealNetworks RealPlayer 11.0 through 11.1 and 14.0.x before 14.0.2, and RealPlayer SP 1.0 through 1.1.5, allows remote attackers to execute arbitrary code via a crafted header in an AVI file.
nvd
CVE-2009-4246P3CRITICALCVSS 9.3v10.0v10.5+8 more2010-01-25
CVE-2009-4246 [CRITICAL] CWE-119 CVE-2009-4246: Stack-based buffer overflow in RealNetworks RealPlayer 10, RealPlayer 10.5 6.0.12.1040 through 6.0.1
Stack-based buffer overflow in RealNetworks RealPlayer 10, RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741, RealPlayer 11 11.0.0 through 11.0.4, RealPlayer Enterprise, Mac RealPlayer 10 and 10.1, Linux RealPlayer 10, and Helix Player 10.x allows user-assisted remote attackers to execute arbitrary code via a malformed .RJS skin file that contains a w
nvd
CVE-2009-4241P3CRITICALCVSS 9.3v10.0v10.5+8 more2010-01-25
CVE-2009-4241 [CRITICAL] CWE-119 CVE-2009-4241: Heap-based buffer overflow in RealNetworks RealPlayer 10, RealPlayer 10.5 6.0.12.1040 through 6.0.12
Heap-based buffer overflow in RealNetworks RealPlayer 10, RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741, RealPlayer 11 11.0.0 through 11.0.4, RealPlayer Enterprise, Mac RealPlayer 10 and 10.1, Linux RealPlayer 10, and Helix Player 10.x allows remote attackers to execute arbitrary code via a file with invalid ASMRuleBook structures that trigger hea
nvd
CVE-2009-4248P3CRITICALCVSS 9.3v10.0v10.5+8 more2010-01-25
CVE-2009-4248 [CRITICAL] CWE-119 CVE-2009-4248: Buffer overflow in the RTSPProtocol::HandleSetParameterRequest function in client/core/rtspprotocol.
Buffer overflow in the RTSPProtocol::HandleSetParameterRequest function in client/core/rtspprotocol.cpp in RealNetworks RealPlayer 10, RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741, RealPlayer 11 11.0.0 through 11.0.4, RealPlayer Enterprise, Mac RealPlayer 10 and 10.1, Linux RealPlayer 10, and Helix Player 10.x allows remote attackers to cause a d
nvd
CVE-2010-4377P3CRITICALCVSS 9.3v11.0v11.0.1+7 more2010-12-14
CVE-2010-4377 [CRITICAL] CWE-119 CVE-2010-4377: Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1
Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.5, Mac RealPlayer 11.0 through 12.0.0.1444, and Linux RealPlayer 11.0.2.1744 allows remote attackers to execute arbitrary code by specifying many subbands in cook audio codec information in a Real Audio file.
nvd