Realnetworks Realplayer vulnerabilities
167 known vulnerabilities affecting realnetworks/realplayer.
Total CVEs
167
CISA KEV
0
Public exploits
24
Exploited in wild
1
Severity breakdown
CRITICAL118HIGH13MEDIUM32LOW4
Vulnerabilities
Page 6 of 9
CVE-2013-1750P3CRITICALCVSS 9.3≤ 16.0.0.282v4+36 more2013-03-20
CVE-2013-1750 [CRITICAL] CWE-119 CVE-2013-1750: Heap-based buffer overflow in RealNetworks RealPlayer before 16.0.1.18 and RealPlayer SP 1.0 through
Heap-based buffer overflow in RealNetworks RealPlayer before 16.0.1.18 and RealPlayer SP 1.0 through 1.1.5 allows remote attackers to execute arbitrary code via a malformed MP4 file.
nvd
CVE-2010-4390P3CRITICALCVSS 9.3v11.0v11.0.1+6 more2010-12-14
CVE-2010-4390 [CRITICAL] CWE-119 CVE-2010-4390: Multiple heap-based buffer overflows in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0
Multiple heap-based buffer overflows in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.5, and Linux RealPlayer 11.0.2.1744 allow remote attackers to have an unspecified impact via a crafted header in an IVR file.
nvd
CVE-2010-4379P3CRITICALCVSS 9.3v11.0v11.0.1+7 more2010-12-14
CVE-2010-4379 [CRITICAL] CWE-119 CVE-2010-4379: Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1
Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.4, RealPlayer Enterprise 2.1.2, Mac RealPlayer 11.0 through 11.1, Linux RealPlayer 11.0.2.1744, and possibly HelixPlayer 1.0.6 and other versions, allows remote attackers to have an unspecified impact via a crafted SIPR file.
nvd
CVE-2010-2999P3CRITICALCVSS 9.3v11.0v11.0.1+6 more2010-12-14
CVE-2010-2999 [CRITICAL] CWE-189 CVE-2010-2999: Integer overflow in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.0.1, Mac
Integer overflow in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.0.1, Mac RealPlayer 11.0 through 11.1, and Linux RealPlayer 11.0.2.1744 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a malformed MLLT atom in an AAC file.
nvd
CVE-2010-2997P3CRITICALCVSS 9.3v11.0v11.0.1+6 more2010-12-14
CVE-2010-2997 [CRITICAL] CWE-399 CVE-2010-2997: Use-after-free vulnerability in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through
Use-after-free vulnerability in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.0.1, Mac RealPlayer 11.0 through 11.1, Linux RealPlayer 11.0.2.1744, and possibly HelixPlayer 1.0.6 and other versions, allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a crafted StreamTitl
nvd
CVE-2007-5081P3CRITICALCVSS 9.3v8.0v10.0+2 more2007-10-31
CVE-2007-5081 [CRITICAL] CWE-119 CVE-2007-5081: Heap-based buffer overflow in RealNetworks RealPlayer 8, 10, 10.1, and possibly 10.5; RealOne Player
Heap-based buffer overflow in RealNetworks RealPlayer 8, 10, 10.1, and possibly 10.5; RealOne Player 1 and 2; and RealPlayer Enterprise allows remote attackers to execute arbitrary code via a crafted RM file.
nvd
CVE-2010-4386P3CRITICALCVSS 9.3v11.0v11.0.1+6 more2010-12-14
CVE-2010-4386 [CRITICAL] CWE-119 CVE-2010-4386: RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.4, Linux RealPlayer 11.0.2.
RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.4, Linux RealPlayer 11.0.2.1744, and possibly HelixPlayer 1.0.6 and other versions, allow remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a crafted RealMedia video file.
nvd
CVE-2011-2948P3CRITICALCVSS 9.3v11.0v11.1+12 more2011-08-18
CVE-2011-2948 [CRITICAL] CWE-119 CVE-2011-2948: RealNetworks RealPlayer 11.0 through 11.1 and 14.0.0 through 14.0.5, RealPlayer SP 1.0 through 1.1.5
RealNetworks RealPlayer 11.0 through 11.1 and 14.0.0 through 14.0.5, RealPlayer SP 1.0 through 1.1.5, RealPlayer Enterprise 2.0 through 2.1.5, and Mac RealPlayer 12.0.0.1569 do not properly handle DEFINEFONT fields in SWF files, which allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a crafte
nvd
CVE-2013-4974P3CRITICALCVSS 9.3≤ 16.0.2.32v10.0+30 more2013-08-27
CVE-2013-4974 [CRITICAL] CWE-119 CVE-2013-4974: RealNetworks RealPlayer before 16.0.3.51, and RealPlayer SP 1.0 through 1.1.5, allows remote attacke
RealNetworks RealPlayer before 16.0.3.51, and RealPlayer SP 1.0 through 1.1.5, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a malformed RealMedia file.
nvd
CVE-2012-1904P4MEDIUMCVSS 4.3PoC≤ 15.0.0v4+26 more2012-03-28
CVE-2012-1904 [MEDIUM] CWE-119 CVE-2012-1904: mp4fformat.dll in the QuickTime File Format plugin in RealNetworks RealPlayer 15 and earlier, and Re
mp4fformat.dll in the QuickTime File Format plugin in RealNetworks RealPlayer 15 and earlier, and RealPlayer SP 1.1.4 Build 12.0.0.756 and earlier, allows remote attackers to cause a denial of service (memory corruption and application crash) via a crafted MP4 file.
nvd
CVE-2010-4383P3CRITICALCVSS 9.3v11.0v11.0.1+8 more2010-12-14
CVE-2010-4383 [CRITICAL] CWE-119 CVE-2010-4383: Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1
Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.4, RealPlayer Enterprise 2.1.2, Mac RealPlayer 11.0 through 12.0.0.1444, Linux RealPlayer 11.0.2.1744, and possibly HelixPlayer 1.0.6 and other versions, allows remote attackers to have an unspecified impact via a crafted RA5 file.
nvd
CVE-2010-4385P3CRITICALCVSS 9.3v11.0v11.0.1+7 more2010-12-14
CVE-2010-4385 [CRITICAL] CWE-189 CVE-2010-4385: Integer overflow in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.4, Real
Integer overflow in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.4, RealPlayer Enterprise 2.1.2, Linux RealPlayer 11.0.2.1744, and possibly HelixPlayer 1.0.6 and other versions, allows remote attackers to have an unspecified impact via crafted frame dimensions in an SIPR stream.
nvd
CVE-2010-4387P3CRITICALCVSS 9.3v11.0v11.0.1+7 more2010-12-14
CVE-2010-4387 [CRITICAL] CWE-119 CVE-2010-4387: The RealAudio codec in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.4, M
The RealAudio codec in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.4, Mac RealPlayer 11.0 through 12.0.0.1444, and Linux RealPlayer 11.0.2.1744 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a crafted audio stream in a RealMedia file.
nvd
CVE-2008-0098P3CRITICALCVSS 10.0v11_build_6.0.14.7482008-01-08
CVE-2008-0098 [CRITICAL] CWE-119 CVE-2008-0098: Buffer overflow in RealPlayer 11 build 6.0.14.748 allows remote attackers to execute arbitrary code
Buffer overflow in RealPlayer 11 build 6.0.14.748 allows remote attackers to execute arbitrary code via unspecified vectors. NOTE: As of 20080103, this disclosure has no actionable information. However, because the VulnDisco Pack author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes.
nvd
CVE-2011-4261P3CRITICALCVSS 9.3≤ 14.0.7v4+28 more2011-11-24
CVE-2011-4261 [CRITICAL] CWE-119 CVE-2011-4261: RealNetworks RealPlayer before 15.0.0 allows remote attackers to execute arbitrary code or cause a d
RealNetworks RealPlayer before 15.0.0 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via crafted video dimensions in an MP4 file.
nvd
CVE-2010-4380P3CRITICALCVSS 9.3v11.0v11.0.1+6 more2010-12-14
CVE-2010-4380 [CRITICAL] CWE-119 CVE-2010-4380: Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1
Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.4, and RealPlayer Enterprise 2.1.2 allows remote attackers to have an unspecified impact via a crafted SOUND file.
nvd
CVE-2010-4381P3CRITICALCVSS 9.3v11.0v11.0.1+7 more2010-12-14
CVE-2010-4381 [CRITICAL] CWE-119 CVE-2010-4381: Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1
Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.4, RealPlayer Enterprise 2.1.2, and Mac RealPlayer 11.0 through 12.0.0.1444 allows remote attackers to have an unspecified impact via a crafted AAC file.
nvd
CVE-2010-2578P3CRITICALCVSS 9.3v11.0v11.0.1+6 more2010-10-19
CVE-2010-2578 [CRITICAL] CWE-119 CVE-2010-2578: Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1
Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.4, and RealPlayer Enterprise 2.1.2 allows remote attackers to have an unspecified impact via a crafted QCP file.
nvd
CVE-2010-0125P3CRITICALCVSS 10.0v11.0v11.0.1+7 more2010-12-14
CVE-2010-0125 [CRITICAL] CWE-264 CVE-2010-0125: RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.4, RealPlayer Enterprise 2.
RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.4, RealPlayer Enterprise 2.1.2, and Mac RealPlayer 11.0 through 12.0.0.1444 do not properly parse spectral data in AAC files, which has unspecified impact and remote attack vectors.
nvd
CVE-2006-6847P4MEDIUMCVSS 5.0PoCv10.5v10.5_6.0.12.1016_beta+6 more2006-12-31
CVE-2006-6847 [MEDIUM] CVE-2006-6847: An ActiveX control in ierpplug.dll for RealNetworks RealPlayer 10.5 allows remote attackers to cause
An ActiveX control in ierpplug.dll for RealNetworks RealPlayer 10.5 allows remote attackers to cause a denial of service (Internet Explorer 7 crash) by invoking the RealPlayer.OpenURLInPlayerBrowser method with a long second argument.
nvd