Page 13 of 69 results (0.006 seconds)

CVSS: 9.3EPSS: 18%CPEs: 16EXPL: 0

Multiple heap-based buffer overflows in an ActiveX control in RealNetworks RealPlayer 11.0 through 11.1 and RealPlayer SP 1.0 through 1.1.4 allow remote attackers to execute arbitrary code via a long .smil argument to the (1) tfile, (2) pnmm, or (3) cdda protocol handler. Múltiples desbordamientos de buffer de memoria dinámica en un control ActiveX de RealNetworks RealPlayer v11.0 hasta la v11.1 y RealPlayer SP 1.0 hasta la v1.1.4 permiten a atacantes remotos ejecutar código de su elección a través de un argumento .smil extenso al manejador del protocolo (1) tfile, (2) pnmm, o (3) cdda. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of RealNetworks RealPlayer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists within the RealPlayer ActiveX control. This module is responsible for handling the tfile, pnmm, cdda, protocol handlers. • http://service.real.com/realplayer/security/10152010_player/en http://www.securityfocus.com/bid/44144 http://www.zerodayinitiative.com/advisories/ZDI-10-213 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 9.3EPSS: 10%CPEs: 17EXPL: 0

rjrmrpln.dll in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.4, and RealPlayer Enterprise 2.1.2 does not properly validate file contents that are used during interaction with a heap buffer, which allows remote attackers to execute arbitrary code via crafted Name Value Property (NVP) elements in logical streams in a media file. rjrmrpln.dll en RealNetworks RealPlayer v11.0 hasta la v11.1, RealPlayer SP 1.0 hasta la v1.1.4, y RealPlayer Enterprise v2.1.2 no valida apropiadamente el contenido de un fichero utilizado durante la interacción con un desbordamiento de memoria dinámica, lo que permite a atacantes remotos ejecutar código de su elección a través de elementos "Name Value Property" (NVP) en streams lógicos de un archivo multimedia. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of RealNetworks RealPlayer. User interaction is required in that a target must open a malicious website or media file. The specific flaw exists within the code responsible for parsing Name Value Property (NVP) elements from within logical streams in a RealPlayer media file. Specifically, a function within the rjrmrpln.dll file allocates a buffer on the heap which can be directly influenced from data within the file. This buffer is then written to using another value defined in the file and thus also controlled. • http://service.real.com/realplayer/security/10152010_player/en http://www.securityfocus.com/bid/44144 http://www.zerodayinitiative.com/advisories/ZDI-10-212 • CWE-20: Improper Input Validation •

CVSS: 9.3EPSS: 95%CPEs: 17EXPL: 1

An ActiveX control in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.4, and RealPlayer Enterprise 2.1.2 does not properly initialize an unspecified object component during parsing of a CDDA URI, which allows remote attackers to execute arbitrary code or cause a denial of service (uninitialized pointer dereference and application crash) via a long URI. Un control ActiveX en RealNetworks RealPlayer v11.0 hasta la v11.1, RealPlayer SP v1.0 hasta la v1.1.4, y RealPlayer Enterprise v2.1.2 no inicializa apropiadamente un componente objeto sin especificar durante el parseo de una URI CDDA, lo que permite a atacantes remotos ejecutar código de su elección o provocar una denegación de servicio (resolución de puntero sin inicializar y caída de la aplicación) a través de una URI extensa. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of RealPlayer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists during the parsing of long CDDA URIs due to a failure to initialize a particular component of an object. The application will later call a method in the object leading to the uninitialized pointer being called. • https://www.exploit-db.com/exploits/16998 http://securityreason.com/securityalert/8147 http://service.real.com/realplayer/security/10152010_player/en http://www.securityfocus.com/bid/44144 http://www.zerodayinitiative.com/advisories/ZDI-10-210 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 9.3EPSS: 45%CPEs: 16EXPL: 2

The browser-plugin implementation in RealNetworks RealPlayer 11.0 through 11.1 and RealPlayer SP 1.0 through 1.1 allows remote attackers to arguments to the RecordClip method, which allows remote attackers to download an arbitrary program onto a client machine, and execute this program, via a " (double quote) in an argument to the RecordClip method, aka "parameter injection." La implementación del complemento del navegador de RealNetworks RealPlayer v11.0 hasta la v11.1 y RealPlayer SP 1.0 hasta la v1.1 no maneja apropiadamente un caracter sin especificar dentro de los argumentos del método RecordClip; lo que permite a atacantes remotos descargar programas de su elección en el ordenador cliente, y ejecutar estos programas, a través de una llamada a método modificada. Relacionado con un problema de inyección de parámetros. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of RealNetworks RealPlayer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists within the browser plugins provided by RealNetworks. • https://www.exploit-db.com/exploits/15991 http://service.real.com/realplayer/security/10152010_player/en http://www.exploit-db.com/exploits/15991 http://www.securityfocus.com/bid/44144 http://www.securityfocus.com/bid/44443 http://www.zerodayinitiative.com/advisories/ZDI-10-211 • CWE-94: Improper Control of Generation of Code ('Code Injection') •

CVSS: 9.3EPSS: 0%CPEs: 13EXPL: 0

Unspecified vulnerability in an ActiveX control in the Internet Explorer (IE) plugin in RealNetworks RealPlayer 11.0 through 11.1 and RealPlayer SP 1.0 through 1.1.4 on Windows has unknown impact and attack vectors related to "multiple browser windows." Vulnerabilidad sin especificar en un control ActiveX de un complemento de Internet Explorer (IE) de RealNetworks RealPlayer v11.0 hasta la v11.1 y RealPlayer SP v1.0 hasta la v1.1.4 en Windows. Tiene un impacto sin especificar y vectores de ataque relacionados con ventanas del navegador múltiples. • http://secunia.com/advisories/41096 http://secunia.com/advisories/41154 http://service.real.com/realplayer/security/08262010_player/en http://www.securitytracker.com/id?1024370 http://www.vupen.com/english/advisories/2010/2216 https://exchange.xforce.ibmcloud.com/vulnerabilities/61424 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7507 •