Page 31 of 161 results (0.035 seconds)

CVSS: 7.5EPSS: 10%CPEs: 10EXPL: 0

Stack-based buffer overflow in the HandleAction function in RealPlayer 10.5 (6.0.12.1040) and earlier allows remote attackers to execute arbitrary code via a long ShowPreferences argument. • http://archives.neohapsis.com/archives/ntbugtraq/2005-q1/0046.html http://marc.info/?l=bugtraq&m=109707741022291&w=2 http://marc.info/?l=bugtraq&m=110616636318261&w=2 http://service.real.com/help/faq/security/040928_player/EN http://www.kb.cert.org/vuls/id/698390 http://www.securityfocus.com/bid/12311 https://access.redhat.com/security/cve/CVE-2005-0189 https://bugzilla.redhat.com/show_bug.cgi?id=1617486 •

CVSS: 2.6EPSS: 0%CPEs: 7EXPL: 0

Directory traversal vulnerability in the parsing of Skin file names in RealPlayer 10.5 (6.0.12.1040) and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in an RJS filename. • http://marc.info/?l=bugtraq&m=109707741022291&w=2 http://marc.info/?l=bugtraq&m=110616302008401&w=2 http://service.real.com/help/faq/security/040928_player/EN http://www.ngssoftware.com/advisories/real-03full.txt https://exchange.xforce.ibmcloud.com/vulnerabilities/18984 •

CVSS: 2.6EPSS: 0%CPEs: 10EXPL: 0

Directory traversal vulnerability in RealPlayer 10.5 (6.0.12.1040) and earlier allows remote attackers to delete arbitrary files via a Real Metadata Packages (RMP) file with a FILENAME tag containing .. (dot dot) sequences in a filename that ends with a ? (question mark) and an allowed file extension (e.g. .mp3), which bypasses the check for the file extension. • http://marc.info/?l=bugtraq&m=109707741022291&w=2 http://marc.info/?l=bugtraq&m=110616160228843&w=2 http://secunia.com/advisories/12672 http://service.real.com/help/faq/security/040928_player/EN http://www.ngssoftware.com/advisories/real-02full.txt http://www.securityfocus.com/bid/11308 https://exchange.xforce.ibmcloud.com/vulnerabilities/17551 •

CVSS: 7.5EPSS: 5%CPEs: 1EXPL: 0

Buffer overflow in Real Networks RealPlayer 10 allows remote attackers to execute arbitrary code via a URL with a large number of "." (period) characters. Desbordamiento de búfer en Real Networks RealPlayer 10 permite a atacantes remotos ejecutar código de su elección mediante una URL con un número grande de caractéres "." (punto). • http://www.idefense.com/application/poi/display?id=109&type=vulnerabilities&flashstatus=false https://exchange.xforce.ibmcloud.com/vulnerabilities/16388 https://access.redhat.com/security/cve/CVE-2004-0550 https://bugzilla.redhat.com/show_bug.cgi?id=1617227 •

CVSS: 5.1EPSS: 33%CPEs: 4EXPL: 0

Stack-based buffer overflow in the RT3 plugin, as used in RealPlayer 8, RealOne Player, RealOne Player 10 beta, and RealOne Player Enterprise, allows remote attackers to execute arbitrary code via a malformed .R3T file. • http://archives.neohapsis.com/archives/vulnwatch/2004-q1/0077.html http://marc.info/?l=bugtraq&m=108135350810135&w=2 http://secunia.com/advisories/11314 http://www.ngssoftware.com/advisories/realr3t.txt http://www.osvdb.org/displayvuln.php?osvdb_id=4977 http://www.securityfocus.com/bid/10070 http://www.service.real.com/help/faq/security/040406_r3t/en https://exchange.xforce.ibmcloud.com/vulnerabilities/15774 https://access.redhat.com/security/cve/CVE-2004-0387 https://bugzi •