Page 11 of 117 results (0.016 seconds)

CVSS: 9.3EPSS: 1%CPEs: 24EXPL: 0

Use-after-free vulnerability in RealNetworks RealPlayer 11.0 through 11.1 and 14.0.0 through 14.0.5, RealPlayer SP 1.0 through 1.1.5, and RealPlayer Enterprise 2.0 through 2.1.5, when an Embedded RealPlayer is used, allows remote attackers to execute arbitrary code via vectors related to a modal dialog. Vulnerabilidad de uso después de liberación en RealNetworks RealPlayer v11.0 hasta la v11.1 y v14.0.0 hasta la v14.0.5, RealPlayer SP 1.0 a v1.1.5, y RealPlayer Enterprise v2.0 a v2.1.5, cuando se utiliza el RealPlayer incrustado en otras aplicaciones, permite a atacantes remotos ejecutar código de su elección a través de vectores relacionados con un diálogo modal. • http://service.real.com/realplayer/security/08162011_player/en http://www.securitytracker.com/id?1025943 • CWE-399: Resource Management Errors •

CVSS: 9.3EPSS: 17%CPEs: 24EXPL: 0

RealNetworks RealPlayer 11.0 through 11.1 and 14.0.0 through 14.0.5, RealPlayer SP 1.0 through 1.1.5, RealPlayer Enterprise 2.0 through 2.1.5, and Mac RealPlayer 12.0.0.1569 do not properly handle DEFINEFONT fields in SWF files, which allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a crafted file. RealNetworks RealPlayer v11.0 a v11.1 y v14.0.0 a v14.0.5, RealPlayer SP v1.0 a v1.1.5, RealPlayer Enterprise v2.0 a v2.1.5 y Mac RealPlayer v12.0.0.1569 no gestionan adecuadamente los campos DEFINEFONT en los archivos SWF, lo que permite ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria heap) a atacantes remotos a través de un archivo debidamente modificado. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of RealNetworks RealPlayer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the way RealPlayer handles DEFINEFONT fields in Flash Files. When the process parses corrupt a ShapeRecord with the DefineFont record it reads outside a stack buffer and uses a random stack value as a heap pointer. • http://service.real.com/realplayer/security/08162011_player/en http://www.securitytracker.com/id?1025943 http://zerodayinitiative.com/advisories/ZDI-11-268 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 9.3EPSS: 23%CPEs: 23EXPL: 0

Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through 11.1 and 14.0.0 through 14.0.5, RealPlayer SP 1.0 through 1.1.5, and RealPlayer Enterprise 2.0 through 2.1.5 allows remote attackers to execute arbitrary code via crafted ID3v2 tags in an MP3 file. Una vulnerabilidad de desbordamiento de buffer basado en memoria dinámica (heap) en RealNetworks RealPlayer v11.0 a v11.1 y v14.0.0 a v14.0.5, RealPlayer SP v1.0 a v1.1.5, y RealPlayer Enterprise v2.0 a v2.1.5 permite a atacantes remotos ejecutar código de su elección a través de etiquetas ID3v2 debidamente modificadas en un archivo MP3. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of RealNetworks Realplayer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the way RealPlayer handles ID3v2 Tags. RealPlayer creates a fixed size buffer for certain tags and will then populate them with the data from the file. • http://service.real.com/realplayer/security/08162011_player/en http://www.securitytracker.com/id?1025943 http://zerodayinitiative.com/advisories/ZDI-11-267 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 9.3EPSS: 94%CPEs: 18EXPL: 1

Heap-based buffer overflow in qcpfformat.dll in RealNetworks RealPlayer 11.0 through 11.1 and 14.0.0 through 14.0.5 and RealPlayer SP 1.0 through 1.1.5 allows remote attackers to execute arbitrary code via a crafted QCP file. Desbordamiento de buffer basado en memoria dinámica (heap) en qcpfformat.dll en RealNetworks RealPlayer v11.0 a v11.1 y v14.0.0 a v14.0.5, y RealPlayer SP v1.0 a v1.1.5 permite a atacantes remotos ejecutar código de su elección mediante un archivo QCP debidamente modificado. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of RealNetworks RealPlayer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within qcpfformat.dll, which is responsible for parsing QCP media files. The process creates a static 256 byte allocation on the heap and trusts a user-supplied counter from the file within a memory copy loop. • https://www.exploit-db.com/exploits/17849 http://securityreason.com/securityalert/8388 http://service.real.com/realplayer/security/08162011_player/en http://www.securityfocus.com/bid/49172 http://www.securitytracker.com/id?1025943 http://zerodayinitiative.com/advisories/ZDI-11-265 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 9.3EPSS: 23%CPEs: 19EXPL: 0

Buffer overflow in RealNetworks RealPlayer 11.0 through 11.1 and 14.0.0 through 14.0.5, RealPlayer SP 1.0 through 1.1.5, and Mac RealPlayer 12.0.0.1569 allows remote attackers to execute arbitrary code via a crafted raw_data_frame field in an AAC file. Un desbordamiento de búfer en RealNetworks RealPlayer v11.0 a v11.1 y v14.0.0 a v14.0.5, RealPlayer SP v1.0 a v1.1.5 y Mac RealPlayer v12.0.0.1569 permite a atacantes remotos ejecutar código de su elección a través de un campo raw_data_frame debidamente modificado en un archivo AAC. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of RealNetworks Real Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists due to the application using a size defined in a header in order to allocate some number of bytes. When processing an AAC raw_data_frame, the application will use the product of the original length and a field inside one of its elements. • http://service.real.com/realplayer/security/08162011_player/en http://www.securitytracker.com/id?1025943 http://zerodayinitiative.com/advisories/ZDI-11-266 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •