Page 38 of 217 results (0.016 seconds)

CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0

RealNetworks Helix Universal Server 9.0.2 for Linux and 9.0.3 for Windows allows remote attackers to cause a denial of service (CPU and memory exhaustion) via a POST request with a Content-Length header set to -1. RealNetworks Helix Universal Server 9.0.2 para Linux y 9.0.3 for Windows permite a atacantes remotos causar una denegación de servicio (consumición de memoria y CPU) mediante peticiones POST con una cabecera Content-Length puesta a -1. • http://www.idefense.com/application/poi/display?id=151&type=vulnerabilities https://exchange.xforce.ibmcloud.com/vulnerabilities/17648 •

CVSS: 7.5EPSS: 10%CPEs: 10EXPL: 0

Stack-based buffer overflow in the HandleAction function in RealPlayer 10.5 (6.0.12.1040) and earlier allows remote attackers to execute arbitrary code via a long ShowPreferences argument. • http://archives.neohapsis.com/archives/ntbugtraq/2005-q1/0046.html http://marc.info/?l=bugtraq&m=109707741022291&w=2 http://marc.info/?l=bugtraq&m=110616636318261&w=2 http://service.real.com/help/faq/security/040928_player/EN http://www.kb.cert.org/vuls/id/698390 http://www.securityfocus.com/bid/12311 https://access.redhat.com/security/cve/CVE-2005-0189 https://bugzilla.redhat.com/show_bug.cgi?id=1617486 •

CVSS: 2.6EPSS: 0%CPEs: 7EXPL: 0

Directory traversal vulnerability in the parsing of Skin file names in RealPlayer 10.5 (6.0.12.1040) and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in an RJS filename. • http://marc.info/?l=bugtraq&m=109707741022291&w=2 http://marc.info/?l=bugtraq&m=110616302008401&w=2 http://service.real.com/help/faq/security/040928_player/EN http://www.ngssoftware.com/advisories/real-03full.txt https://exchange.xforce.ibmcloud.com/vulnerabilities/18984 •

CVSS: 2.6EPSS: 0%CPEs: 10EXPL: 0

Directory traversal vulnerability in RealPlayer 10.5 (6.0.12.1040) and earlier allows remote attackers to delete arbitrary files via a Real Metadata Packages (RMP) file with a FILENAME tag containing .. (dot dot) sequences in a filename that ends with a ? (question mark) and an allowed file extension (e.g. .mp3), which bypasses the check for the file extension. • http://marc.info/?l=bugtraq&m=109707741022291&w=2 http://marc.info/?l=bugtraq&m=110616160228843&w=2 http://secunia.com/advisories/12672 http://service.real.com/help/faq/security/040928_player/EN http://www.ngssoftware.com/advisories/real-02full.txt http://www.securityfocus.com/bid/11308 https://exchange.xforce.ibmcloud.com/vulnerabilities/17551 •

CVSS: 9.3EPSS: 0%CPEs: 10EXPL: 0

Directory traversal vulnerability in RealOne Player, RealOne Player 2.0, and RealOne Enterprise Desktop allows remote attackers to upload arbitrary files via an RMP file that contains .. (dot dot) sequences in a .rjs skin file. Vulnerabilidad de atravesamiento de directorios en RealOne Player, RealOne Player 2.0, y RealOne Enterprise Desktop permite a atacantes remotos subir ficheros arbitrarios mediante un fichero RMP que contenga secuencias .. (punto punto) en fichero de piel .rjs. • http://marc.info/?l=bugtraq&m=107642978524321&w=2 http://service.real.com/help/faq/security/040123_player/EN http://www.kb.cert.org/vuls/id/514734 http://www.securityfocus.com/bid/9580 https://exchange.xforce.ibmcloud.com/vulnerabilities/15123 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •