GCVE - cpe:2.3:a:realnetworks:realplayer:10.1:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:realnetworks:realplayer:10.1:*:*:*:*:*:*:*

part: a version: 10.1 update: *

Vendor	Realnetworks (`944b0662-a257-59bc-8fc3-d9f6c6d401e0`)
Product	Realplayer (`51c5929e-545a-5233-af39-c6f980255b80`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2009-4257`	vulnerable	2026-06-03 14:29:56.976753	Details available Heap-based buffer overflow in datatype/smil/common/smlpkt.cpp in smlrender.dll in RealNetworks RealPlayer 10, RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741, RealPlayer 11 11.0.0 through 11.0.4, RealPlayer Enterprise, Mac RealPlayer 10 and 10.1, Linux RealPlayer 10 and 11.0.0, and Helix Player 10.x and 11.0.0 allows remote attackers to execute arbitrary code via an SMIL file with crafted string lengths. Published: 2010-01-25T19:00:00.000Z Updated: 2024-08-07T06:54:10.213Z Open on db.gcve.eu Reference links http://www.redhat.com/support/errata/RHSA-2010-0094.html http://www.securityfocus.com/archive/1/509105/100/0/threaded http://www.vupen.com/english/advisories/2010/0178 http://lists.helixcommunity.org/pipermail/datatype-cvs/2008-September/008678.html https://exchange.xforce.ibmcloud.com/vulnerabilities/55798	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2009-4248`	vulnerable	2026-06-03 14:29:56.947073	Details available Buffer overflow in the RTSPProtocol::HandleSetParameterRequest function in client/core/rtspprotocol.cpp in RealNetworks RealPlayer 10, RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741, RealPlayer 11 11.0.0 through 11.0.4, RealPlayer Enterprise, Mac RealPlayer 10 and 10.1, Linux RealPlayer 10, and Helix Player 10.x allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted RTSP SET_PARAMETER request. Published: 2010-01-25T19:00:00.000Z Updated: 2024-08-07T06:54:10.214Z Open on db.gcve.eu Reference links https://bugzilla.redhat.com/show_bug.cgi?id=561361 http://www.redhat.com/support/errata/RHSA-2010-0094.html http://www.vupen.com/english/advisories/2010/0178 https://helixcommunity.org/viewcvs/client/core/rtspprotocol.cpp?view=log#rev1.55.2.19 http://securitytracker.com/id?1023489	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2009-4247`	vulnerable	2026-06-03 14:29:56.946162	Details available Stack-based buffer overflow in protocol/rtsp/rtspclnt.cpp in RealNetworks RealPlayer 10; RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741; RealPlayer 11 11.0.x; RealPlayer SP 1.0.0 and 1.0.1; RealPlayer Enterprise; Mac RealPlayer 10, 10.1, 11.0, and 11.0.1; Linux RealPlayer 10, 11.0.0, and 11.0.1; and Helix Player 10.x, 11.0.0, and 11.0.1 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an ASM RuleBook with a large number of rules, related to an "array overflow." Published: 2010-01-25T19:00:00.000Z Updated: 2024-08-07T06:54:10.219Z Open on db.gcve.eu Reference links http://www.redhat.com/support/errata/RHSA-2010-0094.html http://www.vupen.com/english/advisories/2010/0178 http://securitytracker.com/id?1023489 http://service.real.com/realplayer/security/01192010_player/en/ http://secunia.com/advisories/38450	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2009-4246`	vulnerable	2026-06-03 14:29:56.945280	Details available Stack-based buffer overflow in RealNetworks RealPlayer 10, RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741, RealPlayer 11 11.0.0 through 11.0.4, RealPlayer Enterprise, Mac RealPlayer 10 and 10.1, Linux RealPlayer 10, and Helix Player 10.x allows user-assisted remote attackers to execute arbitrary code via a malformed .RJS skin file that contains a web.xmb file with crafted length values. Published: 2010-01-25T19:00:00.000Z Updated: 2024-08-07T06:54:10.207Z Open on db.gcve.eu Reference links http://www.vupen.com/english/advisories/2010/0178 https://exchange.xforce.ibmcloud.com/vulnerabilities/55799 http://securitytracker.com/id?1023489 http://service.real.com/realplayer/security/01192010_player/en/ http://www.zerodayinitiative.com/advisories/ZDI-10-010/	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2009-4245`	vulnerable	2026-06-03 14:29:56.944392	Details available Heap-based buffer overflow in RealNetworks RealPlayer 10, RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741, RealPlayer 11 11.0.0 through 11.0.4, RealPlayer Enterprise, Mac RealPlayer 10 and 10.1, Linux RealPlayer 10, and Helix Player 10.x allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a compressed GIF file, related to gifcodec.cpp and gifimage.cpp. Published: 2010-01-25T19:00:00.000Z Updated: 2024-08-07T06:54:10.237Z Open on db.gcve.eu Reference links http://www.redhat.com/support/errata/RHSA-2010-0094.html http://lists.helixcommunity.org/pipermail/datatype-cvs/2008-July/008455.html http://www.vupen.com/english/advisories/2010/0178 https://helixcommunity.org/viewcvs/datatype/image/gif/common/gifcodec.cpp?view=log#rev1.7 http://osvdb.org/61969	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2009-4244`	vulnerable	2026-06-03 14:29:56.943479	Details available Heap-based buffer overflow in RealNetworks RealPlayer 10; RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741; RealPlayer 11 11.0.0 through 11.0.4; RealPlayer Enterprise; Mac RealPlayer 10, 10.1, and 11.0; Linux RealPlayer 10; and Helix Player 10.x allows remote attackers to execute arbitrary code via an SIPR codec field with a small length value that triggers incorrect memory allocation. Published: 2010-01-25T19:00:00.000Z Updated: 2024-08-07T06:54:10.240Z Open on db.gcve.eu Reference links http://www.vupen.com/english/advisories/2010/0178 http://securitytracker.com/id?1023489 http://service.real.com/realplayer/security/01192010_player/en/ http://secunia.com/advisories/38218 http://www.securityfocus.com/bid/37880	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2009-4243`	vulnerable	2026-06-03 14:29:56.942664	Details available RealNetworks RealPlayer 10, RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741, RealPlayer 11 11.0.0 through 11.0.4, RealPlayer Enterprise, Mac RealPlayer 10 and 10.1, Linux RealPlayer 10, and Helix Player 10.x allow remote attackers to have an unspecified impact via a crafted media file that uses HTTP chunked transfer coding, related to an "overflow." Published: 2010-01-25T19:00:00.000Z Updated: 2024-08-07T06:54:10.171Z Open on db.gcve.eu Reference links http://www.vupen.com/english/advisories/2010/0178 http://securitytracker.com/id?1023489 http://service.real.com/realplayer/security/01192010_player/en/ https://exchange.xforce.ibmcloud.com/vulnerabilities/55796 http://osvdb.org/61967	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2009-4242`	vulnerable	2026-06-03 14:29:56.941750	Details available Heap-based buffer overflow in the CGIFCodec::GetPacketBuffer function in datatype/image/gif/common/gifcodec.cpp in RealNetworks RealPlayer 10; RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741; RealPlayer 11 11.0.0 through 11.0.4; RealPlayer Enterprise; Mac RealPlayer 10, 10.1, and 11.0; Linux RealPlayer 10; and Helix Player 10.x allows remote attackers to execute arbitrary code via a GIF file with crafted chunk sizes that trigger improper memory allocation. Published: 2010-01-25T19:00:00.000Z Updated: 2024-08-07T06:54:10.208Z Open on db.gcve.eu Reference links http://www.redhat.com/support/errata/RHSA-2010-0094.html http://www.vupen.com/english/advisories/2010/0178 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10144 https://exchange.xforce.ibmcloud.com/vulnerabilities/55795 http://securitytracker.com/id?1023489	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2009-4241`	vulnerable	2026-06-03 14:29:56.935657	Details available Heap-based buffer overflow in RealNetworks RealPlayer 10, RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741, RealPlayer 11 11.0.0 through 11.0.4, RealPlayer Enterprise, Mac RealPlayer 10 and 10.1, Linux RealPlayer 10, and Helix Player 10.x allows remote attackers to execute arbitrary code via a file with invalid ASMRuleBook structures that trigger heap memory corruption. Published: 2010-01-25T19:00:00.000Z Updated: 2024-08-07T06:54:10.146Z Open on db.gcve.eu Reference links http://www.vupen.com/english/advisories/2010/0178 https://exchange.xforce.ibmcloud.com/vulnerabilities/55794 http://securitytracker.com/id?1023489 http://www.securityfocus.com/archive/1/509100/100/0/threaded http://service.real.com/realplayer/security/01192010_player/en/	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2007-3410`	vulnerable	2026-06-03 14:28:16.038930	Details available Stack-based buffer overflow in the SmilTimeValue::parseWallClockValue function in smlprstime.cpp in RealNetworks RealPlayer 10, 10.1, and possibly 10.5, RealOne Player, RealPlayer Enterprise, and Helix Player 10.5-GOLD and 10.0.5 through 10.0.8, allows remote attackers to execute arbitrary code via an SMIL (SMIL2) file with a long wallclock value. Published: 2007-06-26T22:00:00.000Z Updated: 2024-08-07T14:14:13.469Z Open on db.gcve.eu Reference links http://service.real.com/realplayer/security/10252007_player/en/ https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10554 http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=547 http://secunia.com/advisories/26463 http://security.gentoo.org/glsa/glsa-200709-05.xml	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.