CVSS: 10.0EPSS: 5%CPEs: 24EXPL: 0CVE-2011-2953
https://notcve.org/view.php?id=CVE-2011-2953
18 Aug 2011 — An unspecified ActiveX control in the browser plugin in RealNetworks RealPlayer 11.0 through 11.1 and 14.0.0 through 14.0.5, RealPlayer SP 1.0 through 1.1.5, and RealPlayer Enterprise 2.0 through 2.1.5 allows remote attackers to execute arbitrary code via unknown vectors, related to an out-of-bounds condition. Un control ActiveX no especificado en el plugin para los navegadores de RealNetworks RealPlayer v11.0 a v11.1 y v14.0.0 a v14.0.5, y RealPlayer SP v1.0 a v1.1.5, y RealPlayer Enterprise v2.0 a v2.1.5 ... • http://service.real.com/realplayer/security/08162011_player/en • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 2%CPEs: 24EXPL: 0CVE-2011-2955
https://notcve.org/view.php?id=CVE-2011-2955
18 Aug 2011 — Use-after-free vulnerability in RealNetworks RealPlayer 11.0 through 11.1 and 14.0.0 through 14.0.5, RealPlayer SP 1.0 through 1.1.5, and RealPlayer Enterprise 2.0 through 2.1.5, when an Embedded RealPlayer is used, allows remote attackers to execute arbitrary code via vectors related to a modal dialog. Vulnerabilidad de uso después de liberación en RealNetworks RealPlayer v11.0 hasta la v11.1 y v14.0.0 hasta la v14.0.5, RealPlayer SP 1.0 a v1.1.5, y RealPlayer Enterprise v2.0 a v2.1.5, cuando se utiliza el... • http://service.real.com/realplayer/security/08162011_player/en • CWE-399: Resource Management Errors •
CVSS: 9.3EPSS: 3%CPEs: 24EXPL: 0CVE-2011-2948 – RealNetworks RealPlayer SWF DefineFont Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2011-2948
16 Aug 2011 — RealNetworks RealPlayer 11.0 through 11.1 and 14.0.0 through 14.0.5, RealPlayer SP 1.0 through 1.1.5, RealPlayer Enterprise 2.0 through 2.1.5, and Mac RealPlayer 12.0.0.1569 do not properly handle DEFINEFONT fields in SWF files, which allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a crafted file. RealNetworks RealPlayer v11.0 a v11.1 y v14.0.0 a v14.0.5, RealPlayer SP v1.0 a v1.1.5, RealPlayer Enterprise v2.0 a v2.1.5 y Mac RealPlayer v12.0.0.1569... • http://service.real.com/realplayer/security/08162011_player/en • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 7%CPEs: 23EXPL: 0CVE-2011-2949 – RealNetworks Realplayer MP3 ID3 tags Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2011-2949
16 Aug 2011 — Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through 11.1 and 14.0.0 through 14.0.5, RealPlayer SP 1.0 through 1.1.5, and RealPlayer Enterprise 2.0 through 2.1.5 allows remote attackers to execute arbitrary code via crafted ID3v2 tags in an MP3 file. Una vulnerabilidad de desbordamiento de buffer basado en memoria dinámica (heap) en RealNetworks RealPlayer v11.0 a v11.1 y v14.0.0 a v14.0.5, RealPlayer SP v1.0 a v1.1.5, y RealPlayer Enterprise v2.0 a v2.1.5 permite a atacantes remotos ejecutar ... • http://service.real.com/realplayer/security/08162011_player/en • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 34%CPEs: 24EXPL: 4CVE-2011-1525 – RealPlayer 14.0.1.633 - Heap Overflow
https://notcve.org/view.php?id=CVE-2011-1525
06 Apr 2011 — Heap-based buffer overflow in rvrender.dll in RealNetworks RealPlayer 11.0 through 11.1 and 14.0.0 through 14.0.2, and RealPlayer SP 1.0 through 1.1.5, allows remote attackers to execute arbitrary code via a crafted frame in an Internet Video Recording (IVR) file. Desbordamiento de búfer en la región heap de la memoria en la biblioteca rvrender.dll en RealPlayer versiones 11.0 hasta 11.1 y versiones 14.0.0 hasta 14.0.2, y RealPlayer SP versiones 1.0 hasta 1.1.5, de RealNetworks, permite a atacantes remotos ... • https://www.exploit-db.com/exploits/17019 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 6%CPEs: 19EXPL: 0CVE-2011-0694 – RealNetworks Real Player Predictable Temporary File Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2011-0694
08 Feb 2011 — RealNetworks RealPlayer 11.0 through 11.1, SP 1.0 through 1.1.5, and 14.0.0 through 14.0.1, and Enterprise 2.0 through 2.1.4, uses predictable names for temporary files, which allows remote attackers to conduct cross-domain scripting attacks and execute arbitrary code via the OpenURLinPlayerBrowser function. RealNetworks RealPlayer v11.0 hasta v11.1, SP v1.0 hasta v1.1.5, y v14.0.0 hasta v14.0.1, y Enterprise v2.0 hasta v2.1.4,utiliza nombres predecibles para los archivos temporales, lo que permite a atacan... • http://docs.real.com/docs/security/SecurityUpdate020811RPE.pdf •
CVSS: 9.3EPSS: 1%CPEs: 17EXPL: 0CVE-2010-4380
https://notcve.org/view.php?id=CVE-2010-4380
14 Dec 2010 — Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.4, and RealPlayer Enterprise 2.1.2 allows remote attackers to have an unspecified impact via a crafted SOUND file. Desbordamiento de búfer basado en montículo en RealNetworks RealPlayer v11.0 a v11.1, RealPlayer SP v1.0 a v1.1.4 y RealPlayer Enterprise v2.1.2 permite a atacantes remotos tener un impacto no especificado a través de un archivo SOUND debidamente modificado. • http://service.real.com/realplayer/security/12102010_player/en • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 1%CPEs: 28EXPL: 0CVE-2010-4383 – HelixPlayer multiple flaws (CVE-2010-2997, CVE-2010-4375, CVE-2010-4378, CVE-2010-4379, CVE-2010-4382, CVE-2010-4383, CVE-2010-4385, CVE-2010-4386, CVE-2010-4392, CVE-2010-4376)
https://notcve.org/view.php?id=CVE-2010-4383
14 Dec 2010 — Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.4, RealPlayer Enterprise 2.1.2, Mac RealPlayer 11.0 through 12.0.0.1444, Linux RealPlayer 11.0.2.1744, and possibly HelixPlayer 1.0.6 and other versions, allows remote attackers to have an unspecified impact via a crafted RA5 file. Un desbordamiento de búfer basado en montículo en RealNetworks RealPlayer v11.0 a v11.1, RealPlayer SP v1.0 a v1.1.4, RealPlayer Enterprise v2.1.2, Mac RealPlayer v11.0 a v12.0.... • http://service.real.com/realplayer/security/12102010_player/en • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 1%CPEs: 27EXPL: 0CVE-2010-4379 – HelixPlayer multiple flaws (CVE-2010-2997, CVE-2010-4375, CVE-2010-4378, CVE-2010-4379, CVE-2010-4382, CVE-2010-4383, CVE-2010-4385, CVE-2010-4386, CVE-2010-4392, CVE-2010-4376)
https://notcve.org/view.php?id=CVE-2010-4379
14 Dec 2010 — Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.4, RealPlayer Enterprise 2.1.2, Mac RealPlayer 11.0 through 11.1, Linux RealPlayer 11.0.2.1744, and possibly HelixPlayer 1.0.6 and other versions, allows remote attackers to have an unspecified impact via a crafted SIPR file. Desbordamiento de búfer basado en montículo en RealNetworks RealPlayer v11.0 a v11.1, RealPlayer SP v1.0 a v1.1.4, RealPlayer Enterprise v2.1.2, Mac RealPlayer v11.0 a v11.1, y Linux ... • http://service.real.com/realplayer/security/12102010_player/en • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 1%CPEs: 19EXPL: 0CVE-2010-4382 – HelixPlayer multiple flaws (CVE-2010-2997, CVE-2010-4375, CVE-2010-4378, CVE-2010-4379, CVE-2010-4382, CVE-2010-4383, CVE-2010-4385, CVE-2010-4386, CVE-2010-4392, CVE-2010-4376)
https://notcve.org/view.php?id=CVE-2010-4382
14 Dec 2010 — Multiple heap-based buffer overflows in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.4, RealPlayer Enterprise 2.1.2, Linux RealPlayer 11.0.2.1744, and possibly HelixPlayer 1.0.6 and other versions, allow remote attackers to have an unspecified impact via a crafted RealMedia file. Múltiples desbordamientos de búfer basados en montículo en RealNetworks RealPlayer v11.0 a v11.1, RealPlayer SP v1.0 a v1.1.4, RealPlayer Enterprise v2.1.2 y Linux v11.0.2.1744 RealPlayer permite a ataca... • http://service.real.com/realplayer/security/12102010_player/en • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •