CVSS: 9.3EPSS: 1%CPEs: 33EXPL: 0CVE-2012-0927 – RealNetworks RealPlayer RealAudio coded_frame_size Remote Code Execution
https://notcve.org/view.php?id=CVE-2012-0927
Unspecified vulnerability in RealNetworks RealPlayer 11.x, 14.x, and 15.x before 15.02.71, and RealPlayer SP 1.0 through 1.1.5, allows remote attackers to execute arbitrary code via vectors involving the coded_frame_size value in a RealAudio audio stream. Vulnerabilidad no especificada en RealNetworks RealPlayer v11.x, v14.x, v15.x, y anterior a 15.02.71, y RealPlayer SP v1.0 a v1.1.5, permite a atacantes remotos ejecutar código arbitrario a través de vectores relacionados con el valor coded_frame_size en un flujo de audio RealAudio. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of RealNetworks RealPlayer. User interaction is required in that a target must visit a malicious page or open a malicious file. The flaw exists within cook.dll, specifically the handling of a RealAudio 2.0 file. When parsing the RA2 header a coded_frame_sz element is used to calculate the size for an allocation. • http://secunia.com/advisories/47896 http://service.real.com/realplayer/security/02062012_player/en • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 9.3EPSS: 0%CPEs: 33EXPL: 0CVE-2012-0928 – RealNetworks RealPlayer ATRAC Sample Decoding Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2012-0928
The ATRAC codec in RealNetworks RealPlayer 11.x and 14.x through 14.0.7, RealPlayer SP 1.0 through 1.1.5, and Mac RealPlayer 12.x before 12.0.0.1703 does not properly decode samples, which allows remote attackers to execute arbitrary code via a crafted ATRAC audio file. El codec ATRAC en RealNetworks RealPlayer v11.x y v14.x a través de v14.0.7, v1.0 a través de RealPlayer SP 1.1.5 y Mac RealPlayer 12.x anterior a v12.0.0.1703 no descodifica correctamente las muestras, lo que permite a atacantes remotos ejecutar código arbitrario a través de un archivo de audio ATRAC diseñado. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of RealNetworks Real Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists when the application attempts to decode an audio sample that is encoded with the ATRAC codec. While parsing sample data, the application will explicitly trust 2-bits as a loop counter which can be used to write outside the bounds of the target buffer. • http://service.real.com/realplayer/security/02062012_player/en • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 9.3EPSS: 7%CPEs: 33EXPL: 0CVE-2012-0922 – RealNetworks RealPlayer rvrender RMFF Flags Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2012-0922
rvrender.dll in RealNetworks RealPlayer 11.x, 14.x, and 15.x before 15.02.71, and RealPlayer SP 1.0 through 1.1.5, allows remote attackers to execute arbitrary code via crafted flags in an RMFF file. rvrender.dll en RealNetworks RealPlayer v11.x, v14.x, v15.x, y anterior a v15.02.71, y RealPlayer SP v1.0 a v1.1.5, permite a atacantes remotos ejecutar código arbitrario a través de banderas hechas a mano en un archivo de RMFF. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of RealNetworks RealPlayer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the rvrender module. When parsing an IVR file, the code within this module does not account for a negative value for the "RMFF 1.0 Flags" element within the input data. By providing a specially crafted file an attacker is able to achieve a program state that results in a function pointer value being retrieved from file data and subsequently called. • http://osvdb.org/78911 http://secunia.com/advisories/47896 http://service.real.com/realplayer/security/02062012_player/en http://www.securityfocus.com/bid/51883 https://exchange.xforce.ibmcloud.com/vulnerabilities/73018 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 9.3EPSS: 6%CPEs: 33EXPL: 0CVE-2012-0925 – RealNetworks RealPlayer RV40 Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2012-0925
Unspecified vulnerability in the RV40 codec in RealNetworks RealPlayer 11.x, 14.x, and 15.x before 15.02.71, and RealPlayer SP 1.0 through 1.1.5, allows remote attackers to execute arbitrary code via a crafted RV40 RealVideo video stream. Vulnerabilidad no especificada en el codec RV40 en RealNetworks RealPlayer v11.x, v14.x, v15.x, y anterior a v15.02.71, y RealPlayer SP v1.0 a v1.1.5, permite a atacantes remotos ejecutar código arbitrario a través de una secuencia de flujo de vídeo RV40 RealVideo. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of RealNetworks RealPlayer. User interaction is required in that a target must visit a malicious page or open a malicious file. The flaw exists within the rv40.dll component for RealNetworks RealPlayer. When parsing a stream containing RV40 sample data, a value is miscalculated before being used as an offset from a base pointer address. • http://osvdb.org/78914 http://secunia.com/advisories/47896 http://service.real.com/realplayer/security/02062012_player/en http://www.securityfocus.com/bid/51887 https://exchange.xforce.ibmcloud.com/vulnerabilities/73021 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 9.3EPSS: 5%CPEs: 33EXPL: 0CVE-2012-0923 – RealNetworks RealPlayer RV20 Frame Size Array Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2012-0923
The RV20 codec in RealNetworks RealPlayer 11.x, 14.x, and 15.x before 15.02.71, and RealPlayer SP 1.0 through 1.1.5, does not properly handle the frame size array, which allows remote attackers to execute arbitrary code via a crafted RV20 RealVideo video stream. El codec RV20 en RealNetworks RealPlayer v11.x, v14.x, v15.x, y anterior a v15.02.71, y RealPlayer SP v1.0 a v1.1.5, no controla correctamente el tamaño de la matriz de marco, que permite a atacantes remotos ejecutar código arbitrario a través de una secuencia de vídeo diseñado RV20 RealVideo. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of RealNetworks RealPlayer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within how the application parses a particular array contained within a Real Media file and then uses the data. When allocating and reading frame size information, the application will fail to check the bounds of how this array is used. • http://osvdb.org/78912 http://secunia.com/advisories/47896 http://service.real.com/realplayer/security/02062012_player/en http://www.securityfocus.com/bid/51884 • CWE-94: Improper Control of Generation of Code ('Code Injection') •