CVE-2006-0323 – RealPlayer 10.5 (6.0.12.1040-1348) - SWF Buffer Overflow (PoC)
https://notcve.org/view.php?id=CVE-2006-0323
Buffer overflow in swfformat.dll in multiple RealNetworks products and versions including RealPlayer 10.x, RealOne Player, Rhapsody 3, and Helix Player allows remote attackers to execute arbitrary code via a crafted SWF (Flash) file with (1) a size value that is less than the actual size, or (2) other unspecified manipulations. Desbordamiento de buffer en swfformat.dll en múltiples productos y versiones RealNetworks incluyendo RealPlayer 10.x, RealOne Player, Rhapsody 3 y Helix Player permite a atacantes remotos ejecutar código arbitrario a través de un archivo SWF (Flash) manipulado con (1) un valor de tamaño que es menor que el tamaño real o (2) otras manipulaciones no especificadas. • https://www.exploit-db.com/exploits/1622 https://www.exploit-db.com/exploits/27460 http://secunia.com/advisories/19358 http://secunia.com/advisories/19362 http://secunia.com/advisories/19365 http://secunia.com/advisories/19390 http://securityreason.com/securityalert/690 http://securitytracker.com/id?1015806 http://www.gentoo.org/security/en/glsa/glsa-200603-24.xml http://www.kb.cert.org/vuls/id/231028 http://www.novell.com/linux/security/advisories/2006_18_realplayer. • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2006-1370
https://notcve.org/view.php?id=CVE-2006-1370
Buffer overflow in RealNetworks RealPlayer 10.5 6.0.12.1040 through 6.0.12.1348, RealPlayer 10, RealOne Player v2, RealOne Player v1, RealPlayer 8, and RealPlayer Enterprise before 20060322 allows remote attackers to have an unknown impact via a malicious Mimio boardCast (mbc) file. • http://secunia.com/advisories/19358 http://securitytracker.com/id?1015810 http://www.kb.cert.org/vuls/id/451556 http://www.securityfocus.com/bid/17202 http://www.service.real.com/realplayer/security/03162006_player/en http://www.vupen.com/english/advisories/2006/1057 https://exchange.xforce.ibmcloud.com/vulnerabilities/25411 •
CVE-2005-2922
https://notcve.org/view.php?id=CVE-2005-2922
Heap-based buffer overflow in the embedded player in multiple RealNetworks products and versions including RealPlayer 10.x, RealOne Player, and Helix Player allows remote malicious servers to cause a denial of service (crash) and possibly execute arbitrary code via a chunked Transfer-Encoding HTTP response in which either (1) the chunk header length is specified as -1, (2) the chunk header with a length that is less than the actual amount of sent data, or (3) a missing chunk header. • http://secunia.com/advisories/19358 http://secunia.com/advisories/19365 http://securitytracker.com/id?1015808 http://www.kb.cert.org/vuls/id/172489 http://www.novell.com/linux/security/advisories/2006_18_realplayer.html http://www.redhat.com/support/errata/RHSA-2005-762.html http://www.redhat.com/support/errata/RHSA-2005-788.html http://www.securityfocus.com/bid/17202 http://www.service.real.com/realplayer/security/03162006_player/en http://www.vupen.com/english/advisor • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2005-4126
https://notcve.org/view.php?id=CVE-2005-4126
** UNVERIFIABLE, PRERELEASE ** NOTE: this issue describes a problem that can not be independently verified as of 20051208. Unspecified vulnerability in unspecified versions of Real Networks RealPlayer allows attackers to execute arbitrary code. NOTE: the information regarding this issue is extremely vague and does not provide any verifiable information. It has been posted by a reliable reporter with a prerelease disclosure policy. This item has only been assigned a CVE identifier for tracking purposes, and to serve as a concrete example for discussion of the newly emerging UNVERIFIABLE and PRERELEASE content decisions in CVE, which must be discussed by the Editorial Board. • http://www.eeye.com/html/research/upcoming/20051130.html http://www.securityfocus.com/bid/15691 •
CVE-2005-3677
https://notcve.org/view.php?id=CVE-2005-3677
Buffer overflow in RealNetworks RealPlayer 10 and 10.5 allows remote attackers to execute arbitrary code via a crafted image in a RealPlayer Skin (RJS) file. NOTE: due to the lack of details, it is unclear how this is different than CVE-2005-2629 and CVE-2005-2630, but the vendor advisory implies that it is different. • http://marc.info/?l=bugtraq&m=113181464921104&w=2 http://secunia.com/advisories/17514 http://service.real.com/help/faq/security/051110_player/EN http://www.securityfocus.com/bid/15398 •