GCVE - cpe:2.3:a:realnetworks:realplayer:8.0:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:realnetworks:realplayer:8.0:*:*:*:*:*:*:*

part: a version: 8.0 update: *

Vendor	Realnetworks (`944b0662-a257-59bc-8fc3-d9f6c6d401e0`)
Product	Realplayer (`51c5929e-545a-5233-af39-c6f980255b80`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from NVD CPE 2.0 feed

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2007-5081`	vulnerable	2026-06-03 14:28:20.031995	Details available Heap-based buffer overflow in RealNetworks RealPlayer 8, 10, 10.1, and possibly 10.5; RealOne Player 1 and 2; and RealPlayer Enterprise allows remote attackers to execute arbitrary code via a crafted RM file. Published: 2007-10-31T17:00:00.000Z Updated: 2024-08-07T15:17:28.337Z Open on db.gcve.eu Reference links http://service.real.com/realplayer/security/10252007_player/en/ http://securitytracker.com/id?1018866 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11625 http://www.attrition.org/pipermail/vim/2007-October/001841.html http://www.vupen.com/english/advisories/2007/3628	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2007-2264`	vulnerable	2026-06-03 14:28:07.842276	Details available Heap-based buffer overflow in RealNetworks RealPlayer 8, 10, 10.1, and possibly 10.5; RealOne Player 1 and 2; and RealPlayer Enterprise allows remote attackers to execute arbitrary code via a RAM (.ra or .ram) file with a large size value in the RA header. Published: 2007-10-31T17:00:00.000Z Updated: 2024-08-07T13:33:28.220Z Open on db.gcve.eu Reference links http://service.real.com/realplayer/security/10252007_player/en/ http://www.zerodayinitiative.com/advisories/ZDI-07-063.html http://securitytracker.com/id?1018866 https://exchange.xforce.ibmcloud.com/vulnerabilities/37437 http://www.securityfocus.com/archive/1/483113/100/0/threaded	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2006-1370`	vulnerable	2026-06-03 14:27:24.185764	Details available Buffer overflow in RealNetworks RealPlayer 10.5 6.0.12.1040 through 6.0.12.1348, RealPlayer 10, RealOne Player v2, RealOne Player v1, RealPlayer 8, and RealPlayer Enterprise before 20060322 allows remote attackers to have an unknown impact via a malicious Mimio boardCast (mbc) file. Published: 2006-03-23T23:00:00.000Z Updated: 2024-08-07T17:12:20.812Z Open on db.gcve.eu Reference links http://www.service.real.com/realplayer/security/03162006_player/en/ https://exchange.xforce.ibmcloud.com/vulnerabilities/25411 http://secunia.com/advisories/19358 http://www.vupen.com/english/advisories/2006/1057 http://www.securityfocus.com/bid/17202	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2005-2936`	vulnerable	2026-06-03 14:27:03.616581	Details available Unquoted Windows search path vulnerability in RealNetworks RealPlayer 10.5 6.0.12.1040 through 6.0.12.1348, RealPlayer 10, RealOne Player v2, RealOne Player v1, and RealPlayer 8 before 20060322 might allow local users to gain privileges via a malicious C:\program.exe file. Published: 2005-11-18T11:00:00.000Z Updated: 2024-08-07T22:53:29.751Z Open on db.gcve.eu Reference links http://www.service.real.com/realplayer/security/03162006_player/en/ http://secunia.com/advisories/19358 http://www.securityfocus.com/bid/15448 http://www.vupen.com/english/advisories/2006/1057 http://www.idefense.com/application/poi/display?id=340&type=vulnerabilities	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2005-2055`	vulnerable	2026-06-03 14:27:00.944663	Details available RealPlayer 8, 10, 10.5 (6.0.12.1040-1069), and Enterprise and RealOne Player v1 and v2 allows remote malicious web server to create an arbitrary HTML file that executes an RM file via "default settings of earlier Internet Explorer browsers". Published: 2005-06-28T04:00:00.000Z Updated: 2024-09-17T02:15:53.030Z Open on db.gcve.eu Reference links http://service.real.com/help/faq/security/050623_player/EN/	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2005-2052`	vulnerable	2026-06-03 14:27:00.933855	Details available Heap-based buffer overflow in vidplin.dll in RealPlayer 10 and 10.5 (6.0.12.1040 through 1069), RealOne Player v1 and v2, RealPlayer 8 and RealPlayer Enterprise allows remote attackers to execute arbitrary code via an .avi file with a modified strf structure value. Published: 2005-06-26T04:00:00.000Z Updated: 2024-08-07T22:15:37.353Z Open on db.gcve.eu Reference links http://marc.info/?l=bugtraq&m=111955853611840&w=2 http://service.real.com/help/faq/security/050623_player/EN/	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2005-0755`	vulnerable	2026-06-03 14:26:51.489896	Details available Heap-based buffer overflow in RealPlayer 10 and earlier, Helix Player before 10.0.4, and RealOne Player v1 and v2 allows remote attackers to execute arbitrary code via a long hostname in a RAM file. Published: 2005-04-21T04:00:00.000Z Updated: 2024-08-07T21:28:27.188Z Open on db.gcve.eu Reference links http://www.redhat.com/support/errata/RHSA-2005-392.html http://www.redhat.com/support/errata/RHSA-2005-363.html http://www.redhat.com/archives/fedora-announce-list/2005-April/msg00040.html http://marc.info/?l=bugtraq&m=111401615202987&w=2 http://service.real.com/help/faq/security/050419_player/EN/	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2005-0611`	vulnerable	2026-06-03 14:26:51.073645	Details available Heap-based buffer overflow in RealNetworks RealPlayer 10.5 (6.0.12.1056 and earlier), 10, 8, and RealOne Player V2 and V1, allows remote attackers to execute arbitrary code via .WAV files. Published: 2005-03-02T05:00:00.000Z Updated: 2024-08-07T21:21:06.417Z Open on db.gcve.eu Reference links http://www.redhat.com/support/errata/RHSA-2005-271.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11419 http://service.real.com/help/faq/security/050224_player/EN/ http://www.redhat.com/support/errata/RHSA-2005-265.html http://marc.info/?l=bugtraq&m=110979465912834&w=2	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2005-0455`	not_vulnerable	2026-06-03 14:26:50.521103	Details available Stack-based buffer overflow in the CSmil1Parser::testAttributeFailed function in smlparse.cpp for RealNetworks RealPlayer 10.5 (6.0.12.1056 and earlier), 10, 8, and RealOne Player V2 and V1 allows remote attackers to execute arbitrary code via a .SMIL file with a large system-screen-size value. Published: 2005-03-02T05:00:00.000Z Updated: 2024-08-07T21:13:54.141Z Open on db.gcve.eu Reference links http://www.idefense.com/application/poi/display?id=209&type=vulnerabilities http://service.real.com/help/faq/security/050224_player http://www.redhat.com/support/errata/RHSA-2005-271.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10926 http://www.redhat.com/support/errata/RHSA-2005-265.html	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2004-1798`	vulnerable	2026-06-03 14:26:45.404762	Details available RealOne player 6.0.11.868 allows remote attackers to execute arbitrary script in the "My Computer" zone via a Synchronized Multimedia Integration Language (SMIL) presentation with a "file:javascript:" URL, which is executed in the security context of the previously loaded URL, a different vulnerability than CVE-2003-0726. Published: 2005-05-10T04:00:00.000Z Updated: 2024-08-08T01:07:47.993Z Open on db.gcve.eu Reference links http://secunia.com/advisories/9584 http://securitytracker.com/id?1008647 http://www.securityfocus.com/bid/9378 http://www.osvdb.org/3826 http://www.securityfocus.com/archive/1/349086	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2004-1481`	vulnerable	2026-06-03 14:26:39.832451	Details available Integer overflow in pnen3260.dll in RealPlayer 8 through 10.5 (6.0.12.1040) and earlier, and RealOne Player 1 or 2 on Windows or Mac OS, allows remote attackers to execute arbitrary code via a SMIL file and a .rm movie file with a large length field for the data chunk, which leads to a heap-based buffer overflow. Published: 2005-02-13T05:00:00.000Z Updated: 2024-08-08T00:53:23.813Z Open on db.gcve.eu Reference links http://www.securityfocus.com/bid/11309 http://marc.info/?l=ntbugtraq&m=109708374115061&w=2 http://www.service.real.com/help/faq/security/040928_player/EN/ http://secunia.com/advisories/12672 https://exchange.xforce.ibmcloud.com/vulnerabilities/17549	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2004-0387`	vulnerable	2026-06-03 14:26:35.374630	Details available Stack-based buffer overflow in the RT3 plugin, as used in RealPlayer 8, RealOne Player, RealOne Player 10 beta, and RealOne Player Enterprise, allows remote attackers to execute arbitrary code via a malformed .R3T file. Published: 2004-04-16T04:00:00.000Z Updated: 2024-08-08T00:17:14.517Z Open on db.gcve.eu Reference links http://www.osvdb.org/displayvuln.php?osvdb_id=4977 http://www.service.real.com/help/faq/security/040406_r3t/en/ http://marc.info/?l=bugtraq&m=108135350810135&w=2 https://exchange.xforce.ibmcloud.com/vulnerabilities/15774 http://archives.neohapsis.com/archives/vulnwatch/2004-q1/0077.html	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2003-0141`	vulnerable	2026-06-03 14:26:24.809149	Details available The PNG deflate algorithm in RealOne Player 6.0.11.x and earlier, RealPlayer 8/RealPlayer Plus 8 6.0.9.584, and other versions allows remote attackers to corrupt the heap and overwrite arbitrary memory via a PNG graphic file format containing compressed data using fixed trees that contain the length values 286-287, which are treated as a very large length. Published: 2003-03-29T05:00:00.000Z Updated: 2024-08-08T01:43:35.999Z Open on db.gcve.eu Reference links http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0156.html http://www.securityfocus.com/bid/7177 http://marc.info/?l=bugtraq&m=104887465427579&w=2 http://www.coresecurity.com/common/showdoc.php?idx=311&idxseccion=10 http://www.kb.cert.org/vuls/id/705761	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2002-0337`	vulnerable	2026-06-03 14:26:14.008645	Details available RealPlayer 8 allows remote attackers to cause a denial of service (CPU utilization) via malformed .mp3 files. Published: 2002-05-03T04:00:00.000Z Updated: 2024-08-08T02:49:27.365Z Open on db.gcve.eu Reference links http://www.securityfocus.com/bid/4200 http://www.iss.net/security_center/static/8320.php http://marc.info/?l=bugtraq&m=101495354424868&w=2	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.