GCVE - cpe:2.3:a:realnetworks:realone_player:*:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:realnetworks:realone_player:*:*:*:*:*:*:*:*

part: a version: * update: *

Vendor	Realnetworks (`944b0662-a257-59bc-8fc3-d9f6c6d401e0`)
Product	Realone Player (`05ac13e2-77ff-525f-8a71-43f30b23e4a0`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2007-3410`	vulnerable	2026-06-03 14:28:16.037286	Details available Stack-based buffer overflow in the SmilTimeValue::parseWallClockValue function in smlprstime.cpp in RealNetworks RealPlayer 10, 10.1, and possibly 10.5, RealOne Player, RealPlayer Enterprise, and Helix Player 10.5-GOLD and 10.0.5 through 10.0.8, allows remote attackers to execute arbitrary code via an SMIL (SMIL2) file with a long wallclock value. Published: 2007-06-26T22:00:00.000Z Updated: 2024-08-07T14:14:13.469Z Open on db.gcve.eu Reference links http://service.real.com/realplayer/security/10252007_player/en/ https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10554 http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=547 http://secunia.com/advisories/26463 http://security.gentoo.org/glsa/glsa-200709-05.xml	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2006-0323`	vulnerable	2026-06-03 14:27:20.474759	Details available Buffer overflow in swfformat.dll in multiple RealNetworks products and versions including RealPlayer 10.x, RealOne Player, Rhapsody 3, and Helix Player allows remote attackers to execute arbitrary code via a crafted SWF (Flash) file with (1) a size value that is less than the actual size, or (2) other unspecified manipulations. Published: 2006-03-23T23:00:00.000Z Updated: 2024-08-07T16:34:13.867Z Open on db.gcve.eu Reference links http://www.service.real.com/realplayer/security/03162006_player/en/ http://secunia.com/advisories/19358 http://www.novell.com/linux/security/advisories/2006_18_realplayer.html http://secunia.com/advisories/19362 http://www.vupen.com/english/advisories/2006/1057	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2005-2922`	vulnerable	2026-06-03 14:27:03.579941	Details available Heap-based buffer overflow in the embedded player in multiple RealNetworks products and versions including RealPlayer 10.x, RealOne Player, and Helix Player allows remote malicious servers to cause a denial of service (crash) and possibly execute arbitrary code via a chunked Transfer-Encoding HTTP response in which either (1) the chunk header length is specified as -1, (2) the chunk header with a length that is less than the actual amount of sent data, or (3) a missing chunk header. Published: 2006-03-23T23:00:00.000Z Updated: 2024-08-07T22:53:29.699Z Open on db.gcve.eu Reference links http://www.service.real.com/realplayer/security/03162006_player/en/ http://secunia.com/advisories/19358 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11444 http://www.novell.com/linux/security/advisories/2006_18_realplayer.html http://www.vupen.com/english/advisories/2006/1057	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2004-0387`	vulnerable	2026-06-03 14:26:35.372563	Details available Stack-based buffer overflow in the RT3 plugin, as used in RealPlayer 8, RealOne Player, RealOne Player 10 beta, and RealOne Player Enterprise, allows remote attackers to execute arbitrary code via a malformed .R3T file. Published: 2004-04-16T04:00:00.000Z Updated: 2024-08-08T00:17:14.517Z Open on db.gcve.eu Reference links http://www.osvdb.org/displayvuln.php?osvdb_id=4977 http://www.service.real.com/help/faq/security/040406_r3t/en/ http://marc.info/?l=bugtraq&m=108135350810135&w=2 https://exchange.xforce.ibmcloud.com/vulnerabilities/15774 http://archives.neohapsis.com/archives/vulnwatch/2004-q1/0077.html	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2002-0207`	vulnerable	2026-06-03 14:26:13.637689	Details available Buffer overflow in Real Networks RealPlayer 8.0 and earlier allows remote attackers to execute arbitrary code via a header length value that exceeds the actual length of the header. Published: 2002-06-25T04:00:00.000Z Updated: 2024-08-08T02:42:28.519Z Open on db.gcve.eu Reference links http://www.securityfocus.com/bid/3809 http://archives.neohapsis.com/archives/vuln-dev/2002-q1/0044.html http://online.securityfocus.com/archive/1/252414 http://online.securityfocus.com/archive/1/252425 http://sentinelchicken.com/advisories/realplayer/	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.