CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-32291
https://notcve.org/view.php?id=CVE-2022-32291
In Real Player through 20.1.0.312, attackers can execute arbitrary code by placing a UNC share pathname (for a DLL file) in a RAM file. En Real Player versiones hasta 20.1.0.312, los atacantes pueden ejecutar código arbitrario al colocar un nombre de ruta compartido UNC (para un archivo DLL) en un archivo RAM • https://github.com/Edubr2020/RP_RecordClip_DLL_Hijack •
CVSS: 9.3EPSS: 3%CPEs: 2EXPL: 0CVE-2014-3113
https://notcve.org/view.php?id=CVE-2014-3113
Multiple buffer overflows in RealNetworks RealPlayer before 17.0.10.8 allow remote attackers to execute arbitrary code via a malformed (1) elst or (2) stsz atom in an MP4 file. Múltiples desbordamientos de buffer en RealNetworks RealPlayer anterior a 17.0.10.8 permiten a atacantes remotos ejecutar código arbitrario a través de un átomo (1) elst or (2) stsz malformado en un fichero MP4. • http://secunia.com/advisories/59238 http://service.real.com/realplayer/security/06272014_player/en http://www.fortiguard.com/advisory/RealNetworks-RealPlayer-Memory-Corruption http://www.securitytracker.com/id/1030524 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 96%CPEs: 50EXPL: 2CVE-2013-7260 – RealNetworks RealPlayer 16.0.3.51/16.0.2.32 - '.rmp' Version Attribute Buffer Overflow
https://notcve.org/view.php?id=CVE-2013-7260
Multiple stack-based buffer overflows in RealNetworks RealPlayer before 17.0.4.61 on Windows, and Mac RealPlayer before 12.0.1.1738, allow remote attackers to execute arbitrary code via a long (1) version number or (2) encoding declaration in the XML declaration of an RMP file, a different issue than CVE-2013-6877. Múltiples desbordamientos de buffer basados en pila en RealNetworks RealPlayer anteriores a 17.0.4.61 en Windows, y Mac RealPlayer anteriores a 12.0.1.1738, permite a atacantes remotos ejecutar código arbitrario a través de (1) un número de versión largo o (2) una declaración de codificación larga en la declaración XML de un fichero RMP, un problema distinto al CVE-2013-6877. • https://www.exploit-db.com/exploits/30468 http://service.real.com/realplayer/security/12202013_player/en http://www.exploit-db.com/exploits/30468 http://www.kb.cert.org/vuls/id/698278 http://www.securityfocus.com/bid/64695 https://exchange.xforce.ibmcloud.com/vulnerabilities/90160 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •