CVSS: 10.0EPSS: 13%CPEs: 1EXPL: 1CVE-2007-2924
https://notcve.org/view.php?id=CVE-2007-2924
Multiple buffer overflows in RealNetworks GameHouse dldisplay ActiveX control (ghdlctl.dll) allow remote attackers to execute arbitrary code via unknown vectors. Múltiples desbordamientos de búfer en el control ActiveX dldisplay de RealNetworks GameHouse (ghdlctl.dll) permite a atacantes remotos ejecutar código de su elección a través de vectores desconocidos. • http://osvdb.org/37671 http://secunia.com/advisories/25757 http://www.kb.cert.org/vuls/id/179105 http://www.securityfocus.com/bid/24534 http://www.vupen.com/english/advisories/2007/2261 https://exchange.xforce.ibmcloud.com/vulnerabilities/34935 •
CVSS: 7.8EPSS: 5%CPEs: 1EXPL: 2CVE-2007-2497 – RealPlayer 10 - '.ra' Remote Denial of Service
https://notcve.org/view.php?id=CVE-2007-2497
RealNetworks RealPlayer 10 Gold allows remote attackers to cause a denial of service (memory consumption) via a certain .ra file. NOTE: this issue was referred to as a "memory leak," but it is not clear if this is correct. RealNetworks RealPlayer 10 Gold permite a atacantes remotos provocar una denegación de servicio (agotamiento de memoria) mediante un fichero .ra concreto. NOTA. Este tema fue tratado como un "agujero de memoria" pero no está claro que sea correcto. • https://www.exploit-db.com/exploits/3819 http://osvdb.org/41730 http://www.securityfocus.com/bid/23712 •
CVSS: 5.0EPSS: 6%CPEs: 8EXPL: 3CVE-2006-6847 – RealPlayer 10.5 'ierpplug.dll' Internet Explorer 7 - Denial of Service
https://notcve.org/view.php?id=CVE-2006-6847
An ActiveX control in ierpplug.dll for RealNetworks RealPlayer 10.5 allows remote attackers to cause a denial of service (Internet Explorer 7 crash) by invoking the RealPlayer.OpenURLInPlayerBrowser method with a long second argument. Un control ActiveX en ierpplug.dll para RealNetworks RealPlayer 10.5 permite a un atacante remoto provocar denegación de servicio (caida de Internet Explorer 7) invocnado al método RealPlayer.OpenURLInPlayerBrowser con un segundo argumento. • https://www.exploit-db.com/exploits/3030 http://downloads.securityfocus.com/vulnerabilities/exploits/21802.html http://www.securityfocus.com/bid/21802 https://exchange.xforce.ibmcloud.com/vulnerabilities/31141 •
CVSS: 5.0EPSS: 8%CPEs: 1EXPL: 3CVE-2006-6759 – RealPlayer 10.5 - ActiveX Control Denial of Service
https://notcve.org/view.php?id=CVE-2006-6759
A certain ActiveX control in rpau3260.dll in RealNetworks RealPlayer 10.5 allows remote attackers to cause a denial of service (Internet Explorer crash) by invoking the RealPlayer.Initialize method with certain arguments. Un control ActiveX concreto en rpau3260.dll en RealNetworks RealPlayer 10.5 permite a atacantes remotos provocar una denegación de servicio (caída de Internet Explorer) invocando el método RealPlayer.Initialize con argumentos concretos. • https://www.exploit-db.com/exploits/2966 http://www.securityfocus.com/bid/21689 http://www.securityfocus.com/data/vulnerabilities/exploits/21689.html https://exchange.xforce.ibmcloud.com/vulnerabilities/31138 •
CVSS: 10.0EPSS: 90%CPEs: 6EXPL: 1CVE-2006-6026 – Helix Server 11.0.1 (Windows 2000 SP4) - Remote Heap Overflow
https://notcve.org/view.php?id=CVE-2006-6026
Heap-based buffer overflow in Real Networks Helix Server and Helix Mobile Server before 11.1.3, and Helix DNA Server 11.0 and 11.1, allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via a DESCRIBE request that contains an invalid LoadTestPassword field. Desbordamiento de búfer basado en montículo en Helix DNA Server 11.0 y 11.1 tiene impacto y vectores de ataque desconocidos, como ha sido demostrado por cierto módulo de VulnDisco Pack. NOTA: la procedencia de esta información es desconocida; los detalles han sido obtenidos únicamente de información de terceros. Desde el 18/11/2006, esta revelación no tiene información accionable. Sin embargo, debido a que el autor de VulnDisco Pack es un investigador de confianza, a este asunto le ha sido asignado un identificador CVE con propósitos de seguimiento. • https://www.exploit-db.com/exploits/3531 http://docs.real.com/docs/security/SecurityUpdate032107Server.pdf http://gleg.net/helix.txt http://lists.helixcommunity.org/pipermail/server-cvs/2007-January/003783.html http://secunia.com/advisories/22944 http://web.archive.org/web/20060502082622/www.gleg.net/vulndisco_pack_professional.shtml http://www.attrition.org/pipermail/vim/2007-March/001459.html http://www.attrition.org/pipermail/vim/2007-March/001468.html http://www.securityfocus.com/arch • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •