CVSS: 9.3EPSS: 95%CPEs: 21EXPL: 0CVE-2007-2264 – RealPlayer RA Field Size File Processing Heap Overflow Vulnerability
https://notcve.org/view.php?id=CVE-2007-2264
Heap-based buffer overflow in RealNetworks RealPlayer 8, 10, 10.1, and possibly 10.5; RealOne Player 1 and 2; and RealPlayer Enterprise allows remote attackers to execute arbitrary code via a RAM (.ra or .ram) file with a large size value in the RA header. Un desbordamiento de búfer en la región Heap de la memoria en RealNetworks RealPlayer las versiones 8, 10, 10.1 y posiblemente 10.5; RealOne Player versiones 1 y 2; y RealPlayer Enterprise permite a los atacantes remotos ejecutar código arbitrario por medio de un archivo RAM (.ra o .ram) con un valor de gran tamaño en el encabezado RA. This vulnerability allows remote attackers to execute code on vulnerable installations of RealPlayer. User interaction is required in that a user must open a malicious .ra/.ram file or visit a malicious web site. The specific flaw exists during the parsing of files with improperly defined size field in the RA header. Specifying a large unsigned value data can trigger a heap corruption and further result in arbitrary code execution under the context of the logged in user. • http://secunia.com/advisories/27361 http://securitytracker.com/id?1018866 http://service.real.com/realplayer/security/10252007_player/en http://www.attrition.org/pipermail/vim/2007-October/001841.html http://www.securityfocus.com/archive/1/483113/100/0/threaded http://www.securityfocus.com/bid/26214 http://www.vupen.com/english/advisories/2007/3628 http://www.zerodayinitiative.com/advisories/ZDI-07-063.html https://exchange.xforce.ibmcloud.com/vulnerabilities/37437 https://oval.cisecu • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 95%CPEs: 10EXPL: 1CVE-2007-3410 – RealNetworks RealPlayer/HelixPlayer - SMIL wallclock Stack Overflow (PoC)
https://notcve.org/view.php?id=CVE-2007-3410
Stack-based buffer overflow in the SmilTimeValue::parseWallClockValue function in smlprstime.cpp in RealNetworks RealPlayer 10, 10.1, and possibly 10.5, RealOne Player, RealPlayer Enterprise, and Helix Player 10.5-GOLD and 10.0.5 through 10.0.8, allows remote attackers to execute arbitrary code via an SMIL (SMIL2) file with a long wallclock value. Un desbordamiento de búfer en la región stack de la memoria en la función SmilTimeValue::parseWallClockValue en el archivo smlprstime.cpp en RealNetworks RealPlayer versiones 10, 10.1 y posiblemente 10.5, RealOne Player, RealPlayer Enterprise y Helix Player versión 10.5-GOLD y versiones 10.0.5 hasta 10.0.8, permite a atacantes remotos ejecutar código arbitrario por medio de un archivo SMIL (SMIL2) con un valor wallclock largo. • https://www.exploit-db.com/exploits/4118 http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=547 http://osvdb.org/37374 http://osvdb.org/38342 http://secunia.com/advisories/25819 http://secunia.com/advisories/25859 http://secunia.com/advisories/26463 http://secunia.com/advisories/26828 http://secunia.com/advisories/27361 http://security.gentoo.org/glsa/glsa-200709-05.xml http://securitytracker.com/id?1018297 http://securitytracker.com/id?1018299 http:/& • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 96%CPEs: 6EXPL: 3CVE-2006-0323 – RealPlayer 10.5 (6.0.12.1040-1348) - SWF Buffer Overflow (PoC)
https://notcve.org/view.php?id=CVE-2006-0323
Buffer overflow in swfformat.dll in multiple RealNetworks products and versions including RealPlayer 10.x, RealOne Player, Rhapsody 3, and Helix Player allows remote attackers to execute arbitrary code via a crafted SWF (Flash) file with (1) a size value that is less than the actual size, or (2) other unspecified manipulations. Desbordamiento de buffer en swfformat.dll en múltiples productos y versiones RealNetworks incluyendo RealPlayer 10.x, RealOne Player, Rhapsody 3 y Helix Player permite a atacantes remotos ejecutar código arbitrario a través de un archivo SWF (Flash) manipulado con (1) un valor de tamaño que es menor que el tamaño real o (2) otras manipulaciones no especificadas. • https://www.exploit-db.com/exploits/1622 https://www.exploit-db.com/exploits/27460 http://secunia.com/advisories/19358 http://secunia.com/advisories/19362 http://secunia.com/advisories/19365 http://secunia.com/advisories/19390 http://securityreason.com/securityalert/690 http://securitytracker.com/id?1015806 http://www.gentoo.org/security/en/glsa/glsa-200603-24.xml http://www.kb.cert.org/vuls/id/231028 http://www.novell.com/linux/security/advisories/2006_18_realplayer. • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 2%CPEs: 12EXPL: 0CVE-2006-1370
https://notcve.org/view.php?id=CVE-2006-1370
Buffer overflow in RealNetworks RealPlayer 10.5 6.0.12.1040 through 6.0.12.1348, RealPlayer 10, RealOne Player v2, RealOne Player v1, RealPlayer 8, and RealPlayer Enterprise before 20060322 allows remote attackers to have an unknown impact via a malicious Mimio boardCast (mbc) file. • http://secunia.com/advisories/19358 http://securitytracker.com/id?1015810 http://www.kb.cert.org/vuls/id/451556 http://www.securityfocus.com/bid/17202 http://www.service.real.com/realplayer/security/03162006_player/en http://www.vupen.com/english/advisories/2006/1057 https://exchange.xforce.ibmcloud.com/vulnerabilities/25411 •
CVSS: 9.3EPSS: 2%CPEs: 32EXPL: 1CVE-2005-2922
https://notcve.org/view.php?id=CVE-2005-2922
Heap-based buffer overflow in the embedded player in multiple RealNetworks products and versions including RealPlayer 10.x, RealOne Player, and Helix Player allows remote malicious servers to cause a denial of service (crash) and possibly execute arbitrary code via a chunked Transfer-Encoding HTTP response in which either (1) the chunk header length is specified as -1, (2) the chunk header with a length that is less than the actual amount of sent data, or (3) a missing chunk header. • http://secunia.com/advisories/19358 http://secunia.com/advisories/19365 http://securitytracker.com/id?1015808 http://www.kb.cert.org/vuls/id/172489 http://www.novell.com/linux/security/advisories/2006_18_realplayer.html http://www.redhat.com/support/errata/RHSA-2005-762.html http://www.redhat.com/support/errata/RHSA-2005-788.html http://www.securityfocus.com/bid/17202 http://www.service.real.com/realplayer/security/03162006_player/en http://www.vupen.com/english/advisor • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •