CVE-2007-5081 – realplayer rm file heap overflow
https://notcve.org/view.php?id=CVE-2007-5081
Heap-based buffer overflow in RealNetworks RealPlayer 8, 10, 10.1, and possibly 10.5; RealOne Player 1 and 2; and RealPlayer Enterprise allows remote attackers to execute arbitrary code via a crafted RM file. Un desbordamiento de búfer en la región heap de la memoria en RealNetworks RealPlayer versiones 8, 10, 10.1 y posiblemente 10.5; RealOne Player versiones 1 y 2; y RealPlayer Enterprise, permite a atacantes remotos ejecutar código arbitrario por medio de un archivo RM diseñado. • http://osvdb.org/38340 http://secunia.com/advisories/27361 http://securitytracker.com/id?1018866 http://service.real.com/realplayer/security/10252007_player/en http://www.attrition.org/pipermail/vim/2007-October/001841.html http://www.securityfocus.com/bid/26214 http://www.vupen.com/english/advisories/2007/3628 https://exchange.xforce.ibmcloud.com/vulnerabilities/37435 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11625 https://access.redhat.com/ • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2007-5080
https://notcve.org/view.php?id=CVE-2007-5080
Integer overflow in RealNetworks RealPlayer 10 and 10.5, RealOne Player 1, and RealPlayer Enterprise for Windows allows remote attackers to execute arbitrary code via a crafted Lyrics3 2.00 tag in an MP3 file, resulting in a heap-based buffer overflow. Desbordamiento de entero en RealNetworks RealPlayer 10 y 10.5, REalOne Player 1, y RealPlayer Enterprise para Windows permite a atacantes remotos ejecutar código de su elección mediante una etiqueta Lyrics3 2.00 manipulada en un archivo MP3, resultando en un desbordamiento de búfer basado en montículo. • http://secunia.com/advisories/27361 http://service.real.com/realplayer/security/10252007_player/en http://www.attrition.org/pipermail/vim/2007-October/001841.html http://www.kb.cert.org/vuls/id/759385 http://www.ngssoftware.com/advisories/high-risk-vulnerability-in-real-player-id3-tags http://www.securityfocus.com/bid/26214 http://www.securitytracker.com/id?1018866 http://www.vupen.com/english/advisories/2007/3628 https://exchange.xforce.ibmcloud.com/vulnerabilities/37434 • CWE-189: Numeric Errors •
CVE-2007-4599 – RealNetworks RealPlayer PLS File Memory Corruption Vulnerability
https://notcve.org/view.php?id=CVE-2007-4599
Stack-based buffer overflow in RealNetworks RealPlayer 10 and possibly 10.5, and RealOne Player 1 and 2, for Windows allows remote attackers to execute arbitrary code via a crafted playlist (PLS) file. Un desbordamiento de búfer en la región stack de la memoria en RealNetworks RealPlayer versiones 10 y posiblemente en 10.5, y RealOne Player versiones 1 y 2, para Windows, permite a atacantes remotos ejecutar código arbitrario por medio de un archivo de lista de reproducción (PLS) diseñada. This vulnerability allows remote attackers to execute code on vulnerable installations of RealPlayer. User interaction is required in that a user must open a malicious .pls file or visit a malicious web site. The specific flaw exists during the parsing of corrupted playlist files. Malicious corruption causes RealPlayer to call into a static heap address which can be leveraged by an attacker resulting in arbitrary code execution under the context of the logged in user. • http://osvdb.org/38341 http://secunia.com/advisories/27361 http://securitytracker.com/id?1018866 http://service.real.com/realplayer/security/10252007_player/en http://www.attrition.org/pipermail/vim/2007-October/001841.html http://www.securityfocus.com/archive/1/483112/100/0/threaded http://www.securityfocus.com/bid/26214 http://www.vupen.com/english/advisories/2007/3628 http://www.zerodayinitiative.com/advisories/ZDI-07-062.html https://exchange.xforce.ibmcloud.com/vulnerabilities • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2007-2264 – RealPlayer RA Field Size File Processing Heap Overflow Vulnerability
https://notcve.org/view.php?id=CVE-2007-2264
Heap-based buffer overflow in RealNetworks RealPlayer 8, 10, 10.1, and possibly 10.5; RealOne Player 1 and 2; and RealPlayer Enterprise allows remote attackers to execute arbitrary code via a RAM (.ra or .ram) file with a large size value in the RA header. Un desbordamiento de búfer en la región Heap de la memoria en RealNetworks RealPlayer las versiones 8, 10, 10.1 y posiblemente 10.5; RealOne Player versiones 1 y 2; y RealPlayer Enterprise permite a los atacantes remotos ejecutar código arbitrario por medio de un archivo RAM (.ra o .ram) con un valor de gran tamaño en el encabezado RA. This vulnerability allows remote attackers to execute code on vulnerable installations of RealPlayer. User interaction is required in that a user must open a malicious .ra/.ram file or visit a malicious web site. The specific flaw exists during the parsing of files with improperly defined size field in the RA header. Specifying a large unsigned value data can trigger a heap corruption and further result in arbitrary code execution under the context of the logged in user. • http://secunia.com/advisories/27361 http://securitytracker.com/id?1018866 http://service.real.com/realplayer/security/10252007_player/en http://www.attrition.org/pipermail/vim/2007-October/001841.html http://www.securityfocus.com/archive/1/483113/100/0/threaded http://www.securityfocus.com/bid/26214 http://www.vupen.com/english/advisories/2007/3628 http://www.zerodayinitiative.com/advisories/ZDI-07-063.html https://exchange.xforce.ibmcloud.com/vulnerabilities/37437 https://oval.cisecu • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2007-5601 – RealPlayer - 'ierpplug.dll' ActiveX Control Playlist Name Buffer Overflow
https://notcve.org/view.php?id=CVE-2007-5601
Stack-based buffer overflow in the Database Component in MPAMedia.dll in RealNetworks RealPlayer 10.5 and 11 beta, and earlier versions including 10, RealOne Player, and RealOne Player 2, allows remote attackers to execute arbitrary code via certain playlist names, as demonstrated via the import method to the IERPCtl ActiveX control in ierpplug.dll. Un desbordamiento de búfer en la región stack de la memoria en el Database Component en la biblioteca MPAMedia.dll en RealNetworks RealPlayer versiones 10.5 y 11 beta, y anteriores, incluyendo versión 10, RealOne Player y RealOne Player versión 2, permite a atacantes remotos ejecutar código arbitrario por medio de ciertos nombres de lista de reproducción, como es demostrado por medio del método import en el control ActiveX IERPCtl en la biblioteca ierpplug.dl. • https://www.exploit-db.com/exploits/16497 https://www.exploit-db.com/exploits/30692 http://secunia.com/advisories/27248 http://service.real.com/realplayer/security/191007_player/en http://www.infosecblog.org/2007/10/nasa-bans-ie.html http://www.kb.cert.org/vuls/id/871673 http://www.securityfocus.com/bid/26130 http://www.securitytracker.com/id?1018843 http://www.symantec.com/enterprise/security_response/weblog/2007/10/realplayer_exploit_on_the_loos.html http://www.us& • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •