CVSS: 9.3EPSS: 0%CPEs: 13EXPL: 0CVE-2010-3001
https://notcve.org/view.php?id=CVE-2010-3001
Unspecified vulnerability in an ActiveX control in the Internet Explorer (IE) plugin in RealNetworks RealPlayer 11.0 through 11.1 and RealPlayer SP 1.0 through 1.1.4 on Windows has unknown impact and attack vectors related to "multiple browser windows." Vulnerabilidad sin especificar en un control ActiveX de un complemento de Internet Explorer (IE) de RealNetworks RealPlayer v11.0 hasta la v11.1 y RealPlayer SP v1.0 hasta la v1.1.4 en Windows. Tiene un impacto sin especificar y vectores de ataque relacionados con ventanas del navegador múltiples. • http://secunia.com/advisories/41096 http://secunia.com/advisories/41154 http://service.real.com/realplayer/security/08262010_player/en http://www.securitytracker.com/id?1024370 http://www.vupen.com/english/advisories/2010/2216 https://exchange.xforce.ibmcloud.com/vulnerabilities/61424 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7507 •
CVSS: 9.3EPSS: 78%CPEs: 13EXPL: 0CVE-2010-0116
https://notcve.org/view.php?id=CVE-2010-0116
Integer overflow in RealNetworks RealPlayer 11.0 through 11.1 and RealPlayer SP 1.0 through 1.1.4 on Windows might allow remote attackers to execute arbitrary code via a crafted QCP file that triggers a heap-based buffer overflow. Desbordamiento de entero en RealNetworks RealPlayer v11.0 hasta la v11.1 y RealPlayer SP v1.0 hasta la v1.1.4 en Windows puede permitir a atacantes remotos ejecutar código de su elección a través de un fichero QCP modificado que provoca un desbordamiento de buffer basado en memoria dinámica. • http://secunia.com/advisories/41096 http://secunia.com/advisories/41154 http://secunia.com/secunia_research/2010-3 http://service.real.com/realplayer/security/08262010_player/en http://www.securitytracker.com/id?1024370 http://www.vupen.com/english/advisories/2010/2216 https://exchange.xforce.ibmcloud.com/vulnerabilities/61420 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7326 • CWE-189: Numeric Errors •
CVSS: 9.3EPSS: 83%CPEs: 13EXPL: 0CVE-2010-0120
https://notcve.org/view.php?id=CVE-2010-0120
Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through 11.1 and RealPlayer SP 1.0 through 1.1.4 on Windows allows remote attackers to execute arbitrary code via large size values in QCP audio content. Desbordamiento de buffer basado en memoria dinámica en RealNetworks RealPlayer v11.0 hasta la v11.1 y RealPlayer SP v1.0 hasta la v1.1.4 en Windows. Permite a atacantes remotos ejecutar código de su elección a través de valores de tamaño extensos en un contenido de audio QCP. • http://secunia.com/advisories/41096 http://secunia.com/advisories/41154 http://secunia.com/secunia_research/2010-8 http://service.real.com/realplayer/security/08262010_player/en http://www.securitytracker.com/id?1024370 http://www.vupen.com/english/advisories/2010/2216 https://exchange.xforce.ibmcloud.com/vulnerabilities/61422 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6807 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 40%CPEs: 13EXPL: 0CVE-2010-0117
https://notcve.org/view.php?id=CVE-2010-0117
RealNetworks RealPlayer 11.0 through 11.1 and RealPlayer SP 1.0 through 1.1.4 on Windows do not properly handle dimensions during YUV420 transformations, which might allow remote attackers to execute arbitrary code via crafted MP4 content. RealNetworks RealPlayer v11.0 hasta la v11.1 y RealPlayer SP v1.0 hasta la v1.1.4 en Windows no maneja apropiadamente las dimensiones durante las transformaciones YUV420, lo que puede permitir a atacantes remotos ejecutar código de su elección a través de contenidos MP4 modificados. • http://secunia.com/advisories/41096 http://secunia.com/advisories/41154 http://secunia.com/secunia_research/2010-5 http://service.real.com/realplayer/security/08262010_player/en http://www.securitytracker.com/id?1024370 http://www.vupen.com/english/advisories/2010/2216 https://exchange.xforce.ibmcloud.com/vulnerabilities/61421 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7169 •
CVSS: 9.3EPSS: 0%CPEs: 3EXPL: 0CVE-2010-3002
https://notcve.org/view.php?id=CVE-2010-3002
Unspecified vulnerability in RealNetworks RealPlayer 11.0 through 11.1 allows attackers to bypass intended access restrictions on files via unknown vectors. Vulnerabilidad sin especificar en RealNetworks RealPlayer v11.0 hasta la v11.1. Permite a atacantes evitar las restricciones de acceso previstas en ficheros a través de vectores de ataque desconocidos. • http://secunia.com/advisories/41154 http://service.real.com/realplayer/security/08262010_player/en http://www.securitytracker.com/id?1024370 http://www.vupen.com/english/advisories/2010/2216 https://exchange.xforce.ibmcloud.com/vulnerabilities/61426 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7227 •