CVSS: 2.6EPSS: 0%CPEs: 10EXPL: 0CVE-2005-0190
https://notcve.org/view.php?id=CVE-2005-0190
Directory traversal vulnerability in RealPlayer 10.5 (6.0.12.1040) and earlier allows remote attackers to delete arbitrary files via a Real Metadata Packages (RMP) file with a FILENAME tag containing .. (dot dot) sequences in a filename that ends with a ? (question mark) and an allowed file extension (e.g. .mp3), which bypasses the check for the file extension. • http://marc.info/?l=bugtraq&m=109707741022291&w=2 http://marc.info/?l=bugtraq&m=110616160228843&w=2 http://secunia.com/advisories/12672 http://service.real.com/help/faq/security/040928_player/EN http://www.ngssoftware.com/advisories/real-02full.txt http://www.securityfocus.com/bid/11308 https://exchange.xforce.ibmcloud.com/vulnerabilities/17551 •
CVSS: 7.5EPSS: 5%CPEs: 1EXPL: 0CVE-2004-0550
https://notcve.org/view.php?id=CVE-2004-0550
Buffer overflow in Real Networks RealPlayer 10 allows remote attackers to execute arbitrary code via a URL with a large number of "." (period) characters. Desbordamiento de búfer en Real Networks RealPlayer 10 permite a atacantes remotos ejecutar código de su elección mediante una URL con un número grande de caractéres "." (punto). • http://www.idefense.com/application/poi/display?id=109&type=vulnerabilities&flashstatus=false https://exchange.xforce.ibmcloud.com/vulnerabilities/16388 https://access.redhat.com/security/cve/CVE-2004-0550 https://bugzilla.redhat.com/show_bug.cgi?id=1617227 •
CVSS: 5.1EPSS: 33%CPEs: 4EXPL: 0CVE-2004-0387
https://notcve.org/view.php?id=CVE-2004-0387
Stack-based buffer overflow in the RT3 plugin, as used in RealPlayer 8, RealOne Player, RealOne Player 10 beta, and RealOne Player Enterprise, allows remote attackers to execute arbitrary code via a malformed .R3T file. • http://archives.neohapsis.com/archives/vulnwatch/2004-q1/0077.html http://marc.info/?l=bugtraq&m=108135350810135&w=2 http://secunia.com/advisories/11314 http://www.ngssoftware.com/advisories/realr3t.txt http://www.osvdb.org/displayvuln.php?osvdb_id=4977 http://www.securityfocus.com/bid/10070 http://www.service.real.com/help/faq/security/040406_r3t/en https://exchange.xforce.ibmcloud.com/vulnerabilities/15774 https://access.redhat.com/security/cve/CVE-2004-0387 https://bugzi •
CVSS: 7.6EPSS: 13%CPEs: 14EXPL: 0CVE-2004-0258
https://notcve.org/view.php?id=CVE-2004-0258
Multiple buffer overflows in RealOne Player, RealOne Player 2.0, RealOne Enterprise Desktop, and RealPlayer Enterprise allow remote attackers to execute arbitrary code via malformed (1) .RP, (2) .RT, (3) .RAM, (4) .RPM or (5) .SMIL files. Múltiples desbordamientos de búfer en RealOne Player, RealOne Player 2.0, RealOne Enterprise Desktop, y RealPlayer Enterprise permiten a atacantes remotos ejecutar código de su elección mediante ficheros 1) .RP, (2) .RT, (3) .RAM, (4) .RPM o (5) .SMIL malformados. • http://archives.neohapsis.com/archives/vulnwatch/2004-q1/0027.html http://marc.info/?l=bugtraq&m=107608748813559&w=2 http://www.ciac.org/ciac/bulletins/o-075.shtml http://www.kb.cert.org/vuls/id/473814 http://www.nextgenss.com/advisories/realone.txt http://www.securityfocus.com/bid/9579 http://www.service.real.com/help/faq/security/040123_player/EN https://exchange.xforce.ibmcloud.com/vulnerabilities/15040 •
CVSS: 5.1EPSS: 0%CPEs: 10EXPL: 0CVE-2003-0141
https://notcve.org/view.php?id=CVE-2003-0141
The PNG deflate algorithm in RealOne Player 6.0.11.x and earlier, RealPlayer 8/RealPlayer Plus 8 6.0.9.584, and other versions allows remote attackers to corrupt the heap and overwrite arbitrary memory via a PNG graphic file format containing compressed data using fixed trees that contain the length values 286-287, which are treated as a very large length. • http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0156.html http://marc.info/?l=bugtraq&m=104887465427579&w=2 http://www.coresecurity.com/common/showdoc.php?idx=311&idxseccion=10 http://www.kb.cert.org/vuls/id/705761 http://www.securityfocus.com/bid/7177 •