cbcvebase.

Realnetworks Realplayer vulnerabilities

167 known vulnerabilities affecting realnetworks/realplayer.

Total CVEs
167
CISA KEV
0
Public exploits
24
Exploited in wild
1
Severity breakdown
CRITICAL118HIGH13MEDIUM32LOW4

Vulnerabilities

Page 4 of 9
CVE-2013-4973P3CRITICALCVSS 9.3≤ 16.0.2.32v10.0+30 more2013-08-27
CVE-2013-4973 [CRITICAL] CWE-119 CVE-2013-4973: Stack-based buffer overflow in RealNetworks RealPlayer before 16.0.3.51, and RealPlayer SP 1.0 throu Stack-based buffer overflow in RealNetworks RealPlayer before 16.0.3.51, and RealPlayer SP 1.0 through 1.1.5, allows remote attackers to execute arbitrary code via a crafted .rmp file.
nvd
CVE-2010-3750P3CRITICALCVSS 9.3v11.0v11.0.1+6 more2010-10-19
CVE-2010-3750 [CRITICAL] CWE-20 CVE-2010-3750: rjrmrpln.dll in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.4, and Real rjrmrpln.dll in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.4, and RealPlayer Enterprise 2.1.2 does not properly validate file contents that are used during interaction with a heap buffer, which allows remote attackers to execute arbitrary code via crafted Name Value Property (NVP) elements in logical streams in a media f
nvd
CVE-2011-2945P3CRITICALCVSS 9.3v11.0v11.1+6 more2011-08-18
CVE-2011-2945 [CRITICAL] CWE-119 CVE-2011-2945: Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through 11.1 and 14.0.0 through 14.0.5 an Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through 11.1 and 14.0.0 through 14.0.5 and RealPlayer SP 1.0 through 1.1.5 allows remote attackers to execute arbitrary code via a crafted SIPR stream.
nvd
CVE-2012-0928P3CRITICALCVSS 9.3v14.0.0v14.0.1+21 more2012-02-08
CVE-2012-0928 [CRITICAL] CWE-94 CVE-2012-0928: The ATRAC codec in RealNetworks RealPlayer 11.x and 14.x through 14.0.7, RealPlayer SP 1.0 through 1 The ATRAC codec in RealNetworks RealPlayer 11.x and 14.x through 14.0.7, RealPlayer SP 1.0 through 1.1.5, and Mac RealPlayer 12.x before 12.0.0.1703 does not properly decode samples, which allows remote attackers to execute arbitrary code via a crafted ATRAC audio file.
nvd
CVE-2011-4262P3CRITICALCVSS 9.3≤ 14.0.7v4+28 more2011-11-24
CVE-2011-4262 [CRITICAL] CVE-2011-4262: Unspecified vulnerability in RealNetworks RealPlayer before 15.0.0 allows remote attackers to execut Unspecified vulnerability in RealNetworks RealPlayer before 15.0.0 allows remote attackers to execute arbitrary code via a crafted MP4 file.
nvd
CVE-2011-2952P3CRITICALCVSS 9.3v11.0v11.1+12 more2011-08-18
CVE-2011-2952 [CRITICAL] CWE-399 CVE-2011-2952: Use-after-free vulnerability in RealNetworks RealPlayer 11.0 through 11.1 and 14.0.0 through 14.0.5, Use-after-free vulnerability in RealNetworks RealPlayer 11.0 through 11.1 and 14.0.0 through 14.0.5, RealPlayer SP 1.0 through 1.1.5, and RealPlayer Enterprise 2.0 through 2.1.5 allows remote attackers to execute arbitrary code via vectors related to a dialog box.
nvd
CVE-2011-2955P3CRITICALCVSS 9.3v11.0v11.1+12 more2011-08-18
CVE-2011-2955 [CRITICAL] CWE-399 CVE-2011-2955: Use-after-free vulnerability in RealNetworks RealPlayer 11.0 through 11.1 and 14.0.0 through 14.0.5, Use-after-free vulnerability in RealNetworks RealPlayer 11.0 through 11.1 and 14.0.0 through 14.0.5, RealPlayer SP 1.0 through 1.1.5, and RealPlayer Enterprise 2.0 through 2.1.5, when an Embedded RealPlayer is used, allows remote attackers to execute arbitrary code via vectors related to a modal dialog.
nvd
CVE-2011-4257P3CRITICALCVSS 9.3≤ 14.0.7v4+28 more2011-11-24
CVE-2011-4257 [CRITICAL] CWE-94 CVE-2011-4257: The Cook codec in RealNetworks RealPlayer before 15.0.0 allows remote attackers to execute arbitrary The Cook codec in RealNetworks RealPlayer before 15.0.0 allows remote attackers to execute arbitrary code via crafted channel data.
nvd
CVE-2011-4260P3CRITICALCVSS 9.3≤ 14.0.7v4+28 more2011-11-24
CVE-2011-4260 [CRITICAL] CWE-94 CVE-2011-4260: RealNetworks RealPlayer before 15.0.0 allows remote attackers to execute arbitrary code via a malfor RealNetworks RealPlayer before 15.0.0 allows remote attackers to execute arbitrary code via a malformed header in an MP4 file.
nvd
CVE-2009-4245P3CRITICALCVSS 9.3v10.0v10.5+8 more2010-01-25
CVE-2009-4245 [CRITICAL] CWE-119 CVE-2009-4245: Heap-based buffer overflow in RealNetworks RealPlayer 10, RealPlayer 10.5 6.0.12.1040 through 6.0.12 Heap-based buffer overflow in RealNetworks RealPlayer 10, RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741, RealPlayer 11 11.0.0 through 11.0.4, RealPlayer Enterprise, Mac RealPlayer 10 and 10.1, Linux RealPlayer 10, and Helix Player 10.x allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a
nvd
CVE-2010-4397P3CRITICALCVSS 9.3v11.0v11.0.1+6 more2010-12-14
CVE-2010-4397 [CRITICAL] CWE-189 CVE-2010-4397: Integer overflow in the pnen3260.dll module in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer Integer overflow in the pnen3260.dll module in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.1, Mac RealPlayer 11.0 through 11.1, and Linux RealPlayer 11.0.2.1744 allows remote attackers to execute arbitrary code via a crafted TIT2 atom in an AAC file.
nvd
CVE-2011-4249P3CRITICALCVSS 10.0≤ 14.0.7v4+28 more2011-11-24
CVE-2011-4249 [CRITICAL] CWE-20 CVE-2011-4249: Array index error in the RV30 codec in RealNetworks RealPlayer before 15.0.0 allows remote attackers Array index error in the RV30 codec in RealNetworks RealPlayer before 15.0.0 allows remote attackers to execute arbitrary code via unspecified vectors.
nvd
CVE-2011-4248P3CRITICALCVSS 9.3≤ 14.0.7v4+28 more2011-11-24
CVE-2011-4248 [CRITICAL] CWE-94 CVE-2011-4248: RealNetworks RealPlayer before 15.0.0 allows remote attackers to execute arbitrary code via a malfor RealNetworks RealPlayer before 15.0.0 allows remote attackers to execute arbitrary code via a malformed AAC file.
nvd
CVE-2011-4258P3CRITICALCVSS 9.3≤ 14.0.7v4+28 more2011-11-24
CVE-2011-4258 [CRITICAL] CWE-94 CVE-2011-4258: RealNetworks RealPlayer before 15.0.0 allows remote attackers to execute arbitrary code via a crafte RealNetworks RealPlayer before 15.0.0 allows remote attackers to execute arbitrary code via a crafted length of an MLTI chunk in an IVR file.
nvd
CVE-2011-4247P3CRITICALCVSS 9.3≤ 14.0.7v4+28 more2011-11-24
CVE-2011-4247 [CRITICAL] CWE-94 CVE-2011-4247: RealNetworks RealPlayer before 15.0.0 allows remote attackers to execute arbitrary code via a crafte RealNetworks RealPlayer before 15.0.0 allows remote attackers to execute arbitrary code via a crafted QCELP stream.
nvd
CVE-2011-4251P3CRITICALCVSS 9.3≤ 14.0.7v4+28 more2011-11-24
CVE-2011-4251 [CRITICAL] CWE-94 CVE-2011-4251: RealNetworks RealPlayer before 15.0.0 allows remote attackers to execute arbitrary code via a crafte RealNetworks RealPlayer before 15.0.0 allows remote attackers to execute arbitrary code via a crafted sample size in a RealAudio file.
nvd
CVE-2007-5080P3CRITICALCVSS 9.3v10.0v10.52007-10-31
CVE-2007-5080 [CRITICAL] CWE-189 CVE-2007-5080: Integer overflow in RealNetworks RealPlayer 10 and 10.5, RealOne Player 1, and RealPlayer Enterprise Integer overflow in RealNetworks RealPlayer 10 and 10.5, RealOne Player 1, and RealPlayer Enterprise for Windows allows remote attackers to execute arbitrary code via a crafted Lyrics3 2.00 tag in an MP3 file, resulting in a heap-based buffer overflow.
nvd
CVE-2007-5400P3CRITICALCVSS 9.3v10.0v10.52008-07-28
CVE-2007-5400 [CRITICAL] CWE-119 CVE-2007-5400: Heap-based buffer overflow in the Shockwave Flash (SWF) frame handling in RealNetworks RealPlayer 10 Heap-based buffer overflow in the Shockwave Flash (SWF) frame handling in RealNetworks RealPlayer 10.5 Build 6.0.12.1483 might allow remote attackers to execute arbitrary code via a crafted SWF file.
nvd
CVE-2010-4391P3CRITICALCVSS 9.3v11.0v11.0.1+7 more2010-12-14
CVE-2010-4391 [CRITICAL] CWE-119 CVE-2010-4391: Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1 Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.5, and RealPlayer Enterprise 2.1.2 and 2.1.3 allows remote attackers to execute arbitrary code via a crafted value in an unspecified header field in an RMX file.
nvd
CVE-2009-0375P3CRITICALCVSS 9.3v112009-02-08
CVE-2009-0375 [CRITICAL] CWE-94 CVE-2009-0375: Buffer overflow in a DLL file in RealNetworks RealPlayer 10, RealPlayer 10.5 6.0.12.1040 through 6.0 Buffer overflow in a DLL file in RealNetworks RealPlayer 10, RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741, RealPlayer 11 11.0.0 through 11.0.4, RealPlayer Enterprise, Mac RealPlayer 10 and 10.1, Linux RealPlayer 10, and Helix Player 10.x allows remote attackers to execute arbitrary code via a crafted Internet Video Recording (IVR) file with a file
nvd
Realnetworks Realplayer vulnerabilities | cvebase