CVSS: 10.0EPSS: 45%CPEs: 23EXPL: 0CVE-2009-4246 – RealNetworks RealPlayer Skin Parsing Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2009-4246
Stack-based buffer overflow in RealNetworks RealPlayer 10, RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741, RealPlayer 11 11.0.0 through 11.0.4, RealPlayer Enterprise, Mac RealPlayer 10 and 10.1, Linux RealPlayer 10, and Helix Player 10.x allows user-assisted remote attackers to execute arbitrary code via a malformed .RJS skin file that contains a web.xmb file with crafted length values. Desbordamiento de búfer basado en pila en RealNetworks RealPlayer 10, RealPlayer v10.5 6.0.12.1040 hasta v6.0.12.1741, RealPlayer 11 v11.0.0 hasta 11.0.4, RealPlayer Enterprise, Mac RealPlayer 10 y v10.1, Linux RealPlayer 10, y Helix Player v10.x, permite a atacantes remotos asistidos por usuarios locales ejecutar código de su elección a través de un fichero "skin" .RJS que contiene un fichero web.xmb con las longitudes de cadena manipuladas. This vulnerability allows remote attackers to execute code on vulnerable installations of RealNetworks RealPlayer. User interaction is required in that a user must visit a malicious website or open a malicious file and accept a dialog to switch player skins. The specific flaw exists during parsing of malformed RealPlayer .RJS skin files. While loading a skin the application copies certain variable length fields from the extracted file named web.xmb into a statically sized buffer. • http://secunia.com/advisories/38218 http://securitytracker.com/id?1023489 http://service.real.com/realplayer/security/01192010_player/en http://www.securityfocus.com/archive/1/509104/100/0/threaded http://www.securityfocus.com/bid/37880 http://www.vupen.com/english/advisories/2010/0178 http://www.zerodayinitiative.com/advisories/ZDI-10-010 https://exchange.xforce.ibmcloud.com/vulnerabilities/55799 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 81%CPEs: 1EXPL: 0CVE-2009-0375
https://notcve.org/view.php?id=CVE-2009-0375
Buffer overflow in a DLL file in RealNetworks RealPlayer 10, RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741, RealPlayer 11 11.0.0 through 11.0.4, RealPlayer Enterprise, Mac RealPlayer 10 and 10.1, Linux RealPlayer 10, and Helix Player 10.x allows remote attackers to execute arbitrary code via a crafted Internet Video Recording (IVR) file with a filename length field containing a large integer, which triggers overwrite of an arbitrary memory location with a 0x00 byte value, related to use of RealPlayer through a Windows Explorer plugin. Archivo dll en RealNetworks RealPlayer 11, permite a atacantes remotos ejecutar código de su elección a través de un archivo Internet Video Recording (IVR) manipulado con un campo con un nombre de archivo largo que contiene un entero largo, lo que provoca la sobreescritura de una región de memoria con un valor en bytes de 0x00, relacionado con el uso de RealPlayer a través del componente de Windows Explorer. • http://secunia.com/advisories/33810 http://secunia.com/advisories/38218 http://service.real.com/realplayer/security/01192010_player/en http://www.fortiguardcenter.com/advisory/FGA-2009-04.html http://www.securityfocus.com/archive/1/500722/100/0/threaded http://www.securityfocus.com/bid/33652 http://www.vupen.com/english/advisories/2010/0178 https://exchange.xforce.ibmcloud.com/vulnerabilities/48567 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 10.0EPSS: 95%CPEs: 1EXPL: 0CVE-2009-0376 – RealNetworks RealPlayer IVR Format Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2009-0376
Heap-based buffer overflow in a DLL file in RealNetworks RealPlayer 10, RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741, RealPlayer 11 11.0.0 through 11.0.4, RealPlayer Enterprise, Mac RealPlayer 10 and 10.1, Linux RealPlayer 10, and Helix Player 10.x allows remote attackers to execute arbitrary code via a crafted Internet Video Recording (IVR) file with a modified field that controls an unspecified structure length and triggers heap corruption, related to use of RealPlayer through a Windows Explorer plugin. Archivo dll en RealNetworks RealPlayer 11, permite a atacantes remotos ejecutar código de su elección a través de un archivo Internet Video Recording (IVR) manipulado con un campo modificado que controla el tamaño de una estructura sin especificar y lanza una corrupción en el montículo (heap), relacionado con el uso de RealPlayer a través del componente de Windows Explorer. This vulnerability allows attackers to execute arbitrary code on vulnerable installations of RealNetworks RealPlayer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within RealPlayer's parsing of IVR files. The process trusts size values present in the file and uses them unsafely in various file I/O and memory allocation operations. • http://secunia.com/advisories/33810 http://secunia.com/advisories/38218 http://service.real.com/realplayer/security/01192010_player/en http://www.fortiguardcenter.com/advisory/FGA-2009-04.html http://www.securityfocus.com/archive/1/500722/100/0/threaded http://www.securityfocus.com/archive/1/509097/100/0/threaded http://www.securityfocus.com/bid/33652 http://www.vupen.com/english/advisories/2010/0178 http://www.zerodayinitiative.com/advisories/ZDI-10-009 https://exchange.xforce • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 0CVE-2008-3064
https://notcve.org/view.php?id=CVE-2008-3064
Unspecified vulnerability in RealNetworks RealPlayer Enterprise, RealPlayer 10, and RealPlayer 10.5 before build 6.0.12.1675 has unknown impact and attack vectors, probably related to accessing local files, aka a "Local resource reference vulnerability." Vulnerabilidad sin especificar en RealNetworks RealPlayer Enterprise, RealPlayer 10, y RealPlayer 10.5 anterior a la build 6.0.12.1675 tiene un impacto y vectores de ataque desconocidos, probablemente relacionados con el acceso a archivos locales, también conocida como "vulnerabilidad de referencia a un recurso local". • http://service.real.com/realplayer/security/07252008_player/en http://www.securityfocus.com/archive/1/494934/100/0/threaded http://www.securityfocus.com/bid/30378 http://www.securitytracker.com/id?1020564 http://www.vupen.com/english/advisories/2008/2194/references https://exchange.xforce.ibmcloud.com/vulnerabilities/44014 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 9.3EPSS: 77%CPEs: 3EXPL: 0CVE-2007-5400 – RealPlayer: SWF Frame Handling Buffer Overflow
https://notcve.org/view.php?id=CVE-2007-5400
Heap-based buffer overflow in the Shockwave Flash (SWF) frame handling in RealNetworks RealPlayer 10.5 Build 6.0.12.1483 might allow remote attackers to execute arbitrary code via a crafted SWF file. Desbordamiento de búfer basado en montículo en el manejador de ventanas (SWF) en RealNetworks RealPlayer 10.5 Build 6.0.12.1483, puede permitir a atacantes remotos ejecutar código de su elección a través de un archivo SWF manipulado. • http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00003.html http://secunia.com/advisories/27620 http://secunia.com/advisories/31321 http://secunia.com/advisories/35416 http://secunia.com/secunia_research/2007-93/advisory http://securityreason.com/securityalert/4048 http://service.real.com/realplayer/security/07252008_player/en http://www.kb.cert.org/vuls/id/298651 http://www.redhat.com/support/errata/RHSA-2008-0812.html http://www.securityfocus.com/archive/1/494749& • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •