CVSS: 7.8EPSS: 5%CPEs: 1EXPL: 2CVE-2007-2497 – RealPlayer 10 - '.ra' Remote Denial of Service
https://notcve.org/view.php?id=CVE-2007-2497
RealNetworks RealPlayer 10 Gold allows remote attackers to cause a denial of service (memory consumption) via a certain .ra file. NOTE: this issue was referred to as a "memory leak," but it is not clear if this is correct. RealNetworks RealPlayer 10 Gold permite a atacantes remotos provocar una denegación de servicio (agotamiento de memoria) mediante un fichero .ra concreto. NOTA. Este tema fue tratado como un "agujero de memoria" pero no está claro que sea correcto. • https://www.exploit-db.com/exploits/3819 http://osvdb.org/41730 http://www.securityfocus.com/bid/23712 •
CVSS: 9.3EPSS: 2%CPEs: 12EXPL: 0CVE-2006-1370
https://notcve.org/view.php?id=CVE-2006-1370
Buffer overflow in RealNetworks RealPlayer 10.5 6.0.12.1040 through 6.0.12.1348, RealPlayer 10, RealOne Player v2, RealOne Player v1, RealPlayer 8, and RealPlayer Enterprise before 20060322 allows remote attackers to have an unknown impact via a malicious Mimio boardCast (mbc) file. • http://secunia.com/advisories/19358 http://securitytracker.com/id?1015810 http://www.kb.cert.org/vuls/id/451556 http://www.securityfocus.com/bid/17202 http://www.service.real.com/realplayer/security/03162006_player/en http://www.vupen.com/english/advisories/2006/1057 https://exchange.xforce.ibmcloud.com/vulnerabilities/25411 •
CVSS: 9.3EPSS: 2%CPEs: 32EXPL: 1CVE-2005-2922
https://notcve.org/view.php?id=CVE-2005-2922
Heap-based buffer overflow in the embedded player in multiple RealNetworks products and versions including RealPlayer 10.x, RealOne Player, and Helix Player allows remote malicious servers to cause a denial of service (crash) and possibly execute arbitrary code via a chunked Transfer-Encoding HTTP response in which either (1) the chunk header length is specified as -1, (2) the chunk header with a length that is less than the actual amount of sent data, or (3) a missing chunk header. • http://secunia.com/advisories/19358 http://secunia.com/advisories/19365 http://securitytracker.com/id?1015808 http://www.kb.cert.org/vuls/id/172489 http://www.novell.com/linux/security/advisories/2006_18_realplayer.html http://www.redhat.com/support/errata/RHSA-2005-762.html http://www.redhat.com/support/errata/RHSA-2005-788.html http://www.securityfocus.com/bid/17202 http://www.service.real.com/realplayer/security/03162006_player/en http://www.vupen.com/english/advisor • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 0%CPEs: 14EXPL: 0CVE-2005-4126
https://notcve.org/view.php?id=CVE-2005-4126
** UNVERIFIABLE, PRERELEASE ** NOTE: this issue describes a problem that can not be independently verified as of 20051208. Unspecified vulnerability in unspecified versions of Real Networks RealPlayer allows attackers to execute arbitrary code. NOTE: the information regarding this issue is extremely vague and does not provide any verifiable information. It has been posted by a reliable reporter with a prerelease disclosure policy. This item has only been assigned a CVE identifier for tracking purposes, and to serve as a concrete example for discussion of the newly emerging UNVERIFIABLE and PRERELEASE content decisions in CVE, which must be discussed by the Editorial Board. • http://www.eeye.com/html/research/upcoming/20051130.html http://www.securityfocus.com/bid/15691 •
CVSS: 7.2EPSS: 0%CPEs: 6EXPL: 0CVE-2005-2936
https://notcve.org/view.php?id=CVE-2005-2936
Unquoted Windows search path vulnerability in RealNetworks RealPlayer 10.5 6.0.12.1040 through 6.0.12.1348, RealPlayer 10, RealOne Player v2, RealOne Player v1, and RealPlayer 8 before 20060322 might allow local users to gain privileges via a malicious C:\program.exe file. • http://secunia.com/advisories/19358 http://securitytracker.com/id?1015223 http://service.real.com/help/faq/security/security111605.html http://www.idefense.com/application/poi/display?id=340&type=vulnerabilities http://www.securityfocus.com/bid/15448 http://www.service.real.com/realplayer/security/03162006_player/en http://www.vupen.com/english/advisories/2006/1057 • CWE-264: Permissions, Privileges, and Access Controls •