Filtered by vendor Realnetworks
Subscribe
Total
217 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2012-2267 | 1 Realnetworks | 2 Helix Mobile Server, Helix Server | 2017-12-29 | 5.0 MEDIUM | N/A |
| master.exe in the SNMP Master Agent in RealNetworks Helix Server and Helix Mobile Server 14.x before 14.3.x allows remote attackers to cause a denial of service (daemon crash) by establishing and closing a port-705 TCP connection, a different vulnerability than CVE-2012-1923. | |||||
| CVE-2012-1985 | 1 Realnetworks | 2 Helix Mobile Server, Helix Server | 2017-12-29 | 6.8 MEDIUM | N/A |
| Cross-site request forgery (CSRF) vulnerability in RealNetworks Helix Server and Helix Mobile Server 14.x before 14.3.x allows remote attackers to hijack the authentication of administrators for requests that cause a denial of service (stack consumption and daemon crash) via a malformed URL. | |||||
| CVE-2012-1984 | 1 Realnetworks | 2 Helix Mobile Server, Helix Server | 2017-12-29 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in RealNetworks Helix Server and Helix Mobile Server 14.x before 14.3.x allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2012-1923 | 1 Realnetworks | 2 Helix Mobile Server, Helix Server | 2017-12-29 | 2.1 LOW | N/A |
| RealNetworks Helix Server and Helix Mobile Server 14.x before 14.3.x store passwords in cleartext under adm_b_db\users\, which allows local users to obtain sensitive information by reading a database. | |||||
| CVE-2012-0942 | 1 Realnetworks | 2 Helix Mobile Server, Helix Server | 2017-12-29 | 7.5 HIGH | N/A |
| Buffer overflow in rn5auth.dll in RealNetworks Helix Server and Helix Mobile Server 14.x before 14.3.x allows remote attackers to execute arbitrary code via crafted authentication credentials. | |||||
| CVE-2002-1643 | 1 Realnetworks | 1 Helix Universal Server | 2017-12-23 | 7.5 HIGH | N/A |
| Multiple buffer overflows in RealNetworks Helix Universal Server 9.0 (9.0.2.768) allow remote attackers to execute arbitrary code via (1) a long Transport field in a SETUP RTSP request, (2) a DESCRIBE RTSP request with a long URL argument, or (3) two simultaneous HTTP GET requests with long arguments. | |||||
| CVE-1999-1282 | 1 Realnetworks | 1 Realsystem G2 Server | 2017-12-19 | 4.6 MEDIUM | N/A |
| RealSystem G2 server stores the administrator password in cleartext in a world-readable configuration file, which allows local users to gain privileges. | |||||
| CVE-2005-0192 | 1 Realnetworks | 2 Realone Player, Realplayer | 2017-12-12 | 2.6 LOW | N/A |
| Directory traversal vulnerability in the parsing of Skin file names in RealPlayer 10.5 (6.0.12.1040) and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in an RJS filename. | |||||
| CVE-2005-0755 | 1 Realnetworks | 3 Helix Player, Realone Player, Realplayer | 2017-11-21 | 5.1 MEDIUM | N/A |
| Heap-based buffer overflow in RealPlayer 10 and earlier, Helix Player before 10.0.4, and RealOne Player v1 and v2 allows remote attackers to execute arbitrary code via a long hostname in a RAM file. | |||||
| CVE-2005-0189 | 1 Realnetworks | 2 Realone Player, Realplayer | 2017-11-16 | 7.5 HIGH | N/A |
| Stack-based buffer overflow in the HandleAction function in RealPlayer 10.5 (6.0.12.1040) and earlier allows remote attackers to execute arbitrary code via a long ShowPreferences argument. | |||||
| CVE-2005-0190 | 1 Realnetworks | 2 Realone Player, Realplayer | 2017-11-16 | 2.6 LOW | N/A |
| Directory traversal vulnerability in RealPlayer 10.5 (6.0.12.1040) and earlier allows remote attackers to delete arbitrary files via a Real Metadata Packages (RMP) file with a FILENAME tag containing .. (dot dot) sequences in a filename that ends with a ? (question mark) and an allowed file extension (e.g. .mp3), which bypasses the check for the file extension. | |||||
| CVE-2005-0191 | 1 Realnetworks | 2 Realone Player, Realplayer | 2017-11-16 | 5.1 MEDIUM | N/A |
| Off-by-one buffer overflow in the processing of tags in Real Metadata Package (RMP) files in RealPlayer 10.5 (6.0.12.1040) and earlier could allow remote attackers to execute arbitrary code via a long tag. | |||||
| CVE-2006-6847 | 1 Realnetworks | 1 Realplayer | 2017-10-19 | 5.0 MEDIUM | N/A |
| An ActiveX control in ierpplug.dll for RealNetworks RealPlayer 10.5 allows remote attackers to cause a denial of service (Internet Explorer 7 crash) by invoking the RealPlayer.OpenURLInPlayerBrowser method with a long second argument. | |||||
| CVE-2006-6759 | 1 Realnetworks | 1 Realplayer | 2017-10-19 | 5.0 MEDIUM | N/A |
| A certain ActiveX control in rpau3260.dll in RealNetworks RealPlayer 10.5 allows remote attackers to cause a denial of service (Internet Explorer crash) by invoking the RealPlayer.Initialize method with certain arguments. | |||||
| CVE-2007-3410 | 1 Realnetworks | 4 Helix Player, Realone Player, Realplayer and 1 more | 2017-10-11 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in the SmilTimeValue::parseWallClockValue function in smlprstime.cpp in RealNetworks RealPlayer 10, 10.1, and possibly 10.5, RealOne Player, RealPlayer Enterprise, and Helix Player 10.5-GOLD and 10.0.5 through 10.0.8, allows remote attackers to execute arbitrary code via an SMIL (SMIL2) file with a long wallclock value. | |||||
| CVE-2007-2497 | 1 Realnetworks | 1 Realplayer | 2017-10-11 | 7.8 HIGH | N/A |
| RealNetworks RealPlayer 10 Gold allows remote attackers to cause a denial of service (memory consumption) via a certain .ra file. NOTE: this issue was referred to as a "memory leak," but it is not clear if this is correct. | |||||
| CVE-2005-2922 | 1 Realnetworks | 4 Helix Player, Realone Player, Realplayer and 1 more | 2017-10-11 | 9.3 HIGH | N/A |
| Heap-based buffer overflow in the embedded player in multiple RealNetworks products and versions including RealPlayer 10.x, RealOne Player, and Helix Player allows remote malicious servers to cause a denial of service (crash) and possibly execute arbitrary code via a chunked Transfer-Encoding HTTP response in which either (1) the chunk header length is specified as -1, (2) the chunk header with a length that is less than the actual amount of sent data, or (3) a missing chunk header. | |||||
| CVE-2005-2710 | 1 Realnetworks | 2 Helix Player, Realplayer | 2017-10-11 | 5.1 MEDIUM | N/A |
| Format string vulnerability in Real HelixPlayer and RealPlayer 10 allows remote attackers to execute arbitrary code via the (1) image handle or (2) timeformat attribute in a RealPix (.rp) or RealText (.rt) file. | |||||
| CVE-2005-1766 | 1 Realnetworks | 1 Realplayer | 2017-10-11 | 5.1 MEDIUM | N/A |
| Heap-based buffer overflow in rtffplin.cpp in RealPlayer 10.5 6.0.12.1056 on Windows, and 10, 10.0.1.436, and other versions before 10.0.5 on Linux, allows remote attackers to execute arbitrary code via a RealMedia file with a long RealText string, such as an SMIL file. | |||||
| CVE-2005-0611 | 1 Realnetworks | 3 Helix Player, Realone Player, Realplayer | 2017-10-11 | 5.1 MEDIUM | N/A |
| Heap-based buffer overflow in RealNetworks RealPlayer 10.5 (6.0.12.1056 and earlier), 10, 8, and RealOne Player V2 and V1, allows remote attackers to execute arbitrary code via .WAV files. | |||||