CVSS: 9.3EPSS: 4%CPEs: 33EXPL: 0CVE-2012-0922 – RealNetworks RealPlayer rvrender RMFF Flags Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2012-0922
08 Feb 2012 — rvrender.dll in RealNetworks RealPlayer 11.x, 14.x, and 15.x before 15.02.71, and RealPlayer SP 1.0 through 1.1.5, allows remote attackers to execute arbitrary code via crafted flags in an RMFF file. rvrender.dll en RealNetworks RealPlayer v11.x, v14.x, v15.x, y anterior a v15.02.71, y RealPlayer SP v1.0 a v1.1.5, permite a atacantes remotos ejecutar código arbitrario a través de banderas hechas a mano en un archivo de RMFF. This vulnerability allows remote attackers to execute arbitrary code on vulnerable ... • http://osvdb.org/78911 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 9.8EPSS: 4%CPEs: 33EXPL: 0CVE-2012-0923 – RealNetworks RealPlayer RV20 Frame Size Array Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2012-0923
08 Feb 2012 — The RV20 codec in RealNetworks RealPlayer 11.x, 14.x, and 15.x before 15.02.71, and RealPlayer SP 1.0 through 1.1.5, does not properly handle the frame size array, which allows remote attackers to execute arbitrary code via a crafted RV20 RealVideo video stream. El codec RV20 en RealNetworks RealPlayer v11.x, v14.x, v15.x, y anterior a v15.02.71, y RealPlayer SP v1.0 a v1.1.5, no controla correctamente el tamaño de la matriz de marco, que permite a atacantes remotos ejecutar código arbitrario a través de un... • http://osvdb.org/78912 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 9.8EPSS: 4%CPEs: 33EXPL: 0CVE-2012-0925 – RealNetworks RealPlayer RV40 Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2012-0925
08 Feb 2012 — Unspecified vulnerability in the RV40 codec in RealNetworks RealPlayer 11.x, 14.x, and 15.x before 15.02.71, and RealPlayer SP 1.0 through 1.1.5, allows remote attackers to execute arbitrary code via a crafted RV40 RealVideo video stream. Vulnerabilidad no especificada en el codec RV40 en RealNetworks RealPlayer v11.x, v14.x, v15.x, y anterior a v15.02.71, y RealPlayer SP v1.0 a v1.1.5, permite a atacantes remotos ejecutar código arbitrario a través de una secuencia de flujo de vídeo RV40 RealVideo. This vu... • http://osvdb.org/78914 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 9.8EPSS: 3%CPEs: 33EXPL: 0CVE-2012-0926 – RealNetworks RealPlayer RV10 Encoded Height/Width Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2012-0926
08 Feb 2012 — The RV10 codec in RealNetworks RealPlayer 11.x, 14.x, and 15.x before 15.02.71, and RealPlayer SP 1.0 through 1.1.5, does not properly handle height and width values, which allows remote attackers to execute arbitrary code via a crafted RV10 RealVideo video stream. El codec RV10 en RealNetworks RealPlayer v11.x, v14.x, v15.x, y anterior a v15.02.71, y RealPlayer SP v1.0 a v1.1.5, no controla correctamente los valores de altura y anchura, lo que permite a atacantes remotos ejecutar código arbitrario a través... • http://secunia.com/advisories/47896 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 9.3EPSS: 3%CPEs: 33EXPL: 0CVE-2012-0928 – RealNetworks RealPlayer ATRAC Sample Decoding Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2012-0928
08 Feb 2012 — The ATRAC codec in RealNetworks RealPlayer 11.x and 14.x through 14.0.7, RealPlayer SP 1.0 through 1.1.5, and Mac RealPlayer 12.x before 12.0.0.1703 does not properly decode samples, which allows remote attackers to execute arbitrary code via a crafted ATRAC audio file. El codec ATRAC en RealNetworks RealPlayer v11.x y v14.x a través de v14.0.7, v1.0 a través de RealPlayer SP 1.1.5 y Mac RealPlayer 12.x anterior a v12.0.0.1703 no descodifica correctamente las muestras, lo que permite a atacantes remotos eje... • http://service.real.com/realplayer/security/02062012_player/en • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 10.0EPSS: 5%CPEs: 30EXPL: 0CVE-2011-4244
https://notcve.org/view.php?id=CVE-2011-4244
24 Nov 2011 — Heap-based buffer overflow in the RealVideo renderer in RealNetworks RealPlayer before 15.0.0 allows remote attackers to execute arbitrary code via unspecified vectors. Desbordamiento de búfer basado en memoria dinámica en el procesador de RealVideo en RealNetworks RealPlayer anterior a v15.0.0 permite a atacantes remotos ejecutar código arbitrario a través de vectores no especificados. • http://service.real.com/realplayer/security/11182011_player/en • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 5%CPEs: 38EXPL: 0CVE-2011-4245
https://notcve.org/view.php?id=CVE-2011-4245
24 Nov 2011 — The RealVideo renderer in RealNetworks RealPlayer before 15.0.0 and Mac RealPlayer before 12.0.0.1703 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors. El procesador de RealVideo en RealNetworks RealPlayer anterior a v15.0.0 y Mac RealPlayer anterior a v12.0.0.1703 permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria) a través de vectores no especificados. • http://service.real.com/realplayer/security/11182011_player/en • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 5%CPEs: 38EXPL: 0CVE-2011-4246
https://notcve.org/view.php?id=CVE-2011-4246
24 Nov 2011 — The AAC codec in RealNetworks RealPlayer before 15.0.0 and Mac RealPlayer before 12.0.0.1703 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors. El codec AAC en RealNetworks RealPlayer anterior a v15.0.0 y Mac RealPlayer anterior a v12.0.0.1703 permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria) a través de vectores no especificados. • http://service.real.com/realplayer/security/11182011_player/en • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 2%CPEs: 30EXPL: 0CVE-2011-4247 – RealNetworks RealPlayer QCELP Stream Parsing Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2011-4247
24 Nov 2011 — RealNetworks RealPlayer before 15.0.0 allows remote attackers to execute arbitrary code via a crafted QCELP stream. RealNetworks RealPlayer anterior a v15.0.0 permite a atacantes remotos ejecutar código arbitrario a través de una corriente QCELP. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of RealNetworks RealPlayer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The spec... • http://service.real.com/realplayer/security/11182011_player/en • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 9.8EPSS: 2%CPEs: 30EXPL: 0CVE-2011-4248 – RealNetworks RealPlayer Malformed AAC File Parsing Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2011-4248
24 Nov 2011 — RealNetworks RealPlayer before 15.0.0 allows remote attackers to execute arbitrary code via a malformed AAC file. RealNetworks RealPlayer anterior a v15.0.0 permite a atacantes remotos ejecutar código arbitrario a través de una malformación de archivos AAC. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of RealNetworks Realplayer. AUser interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious fi... • http://service.real.com/realplayer/security/11182011_player/en • CWE-94: Improper Control of Generation of Code ('Code Injection') •