GCVE - cpe:2.3:a:realnetworks:realplayer:11.0.0:*:linux:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:realnetworks:realplayer:11.0.0:*:linux:*:*:*:*:*

part: a version: 11.0.0 update: *

Vendor	Realnetworks (`944b0662-a257-59bc-8fc3-d9f6c6d401e0`)
Product	Realplayer (`51c5929e-545a-5233-af39-c6f980255b80`)
Edition	linux
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2009-4257`	vulnerable	2026-06-03 14:29:56.976847	Details available Heap-based buffer overflow in datatype/smil/common/smlpkt.cpp in smlrender.dll in RealNetworks RealPlayer 10, RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741, RealPlayer 11 11.0.0 through 11.0.4, RealPlayer Enterprise, Mac RealPlayer 10 and 10.1, Linux RealPlayer 10 and 11.0.0, and Helix Player 10.x and 11.0.0 allows remote attackers to execute arbitrary code via an SMIL file with crafted string lengths. Published: 2010-01-25T19:00:00.000Z Updated: 2024-08-07T06:54:10.213Z Open on db.gcve.eu Reference links http://www.redhat.com/support/errata/RHSA-2010-0094.html http://www.securityfocus.com/archive/1/509105/100/0/threaded http://www.vupen.com/english/advisories/2010/0178 http://lists.helixcommunity.org/pipermail/datatype-cvs/2008-September/008678.html https://exchange.xforce.ibmcloud.com/vulnerabilities/55798	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2009-4248`	vulnerable	2026-06-03 14:29:56.947174	Details available Buffer overflow in the RTSPProtocol::HandleSetParameterRequest function in client/core/rtspprotocol.cpp in RealNetworks RealPlayer 10, RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741, RealPlayer 11 11.0.0 through 11.0.4, RealPlayer Enterprise, Mac RealPlayer 10 and 10.1, Linux RealPlayer 10, and Helix Player 10.x allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted RTSP SET_PARAMETER request. Published: 2010-01-25T19:00:00.000Z Updated: 2024-08-07T06:54:10.214Z Open on db.gcve.eu Reference links https://bugzilla.redhat.com/show_bug.cgi?id=561361 http://www.redhat.com/support/errata/RHSA-2010-0094.html http://www.vupen.com/english/advisories/2010/0178 https://helixcommunity.org/viewcvs/client/core/rtspprotocol.cpp?view=log#rev1.55.2.19 http://securitytracker.com/id?1023489	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2009-4247`	vulnerable	2026-06-03 14:29:56.946257	Details available Stack-based buffer overflow in protocol/rtsp/rtspclnt.cpp in RealNetworks RealPlayer 10; RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741; RealPlayer 11 11.0.x; RealPlayer SP 1.0.0 and 1.0.1; RealPlayer Enterprise; Mac RealPlayer 10, 10.1, 11.0, and 11.0.1; Linux RealPlayer 10, 11.0.0, and 11.0.1; and Helix Player 10.x, 11.0.0, and 11.0.1 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an ASM RuleBook with a large number of rules, related to an "array overflow." Published: 2010-01-25T19:00:00.000Z Updated: 2024-08-07T06:54:10.219Z Open on db.gcve.eu Reference links http://www.redhat.com/support/errata/RHSA-2010-0094.html http://www.vupen.com/english/advisories/2010/0178 http://securitytracker.com/id?1023489 http://service.real.com/realplayer/security/01192010_player/en/ http://secunia.com/advisories/38450	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2009-4246`	vulnerable	2026-06-03 14:29:56.945374	Details available Stack-based buffer overflow in RealNetworks RealPlayer 10, RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741, RealPlayer 11 11.0.0 through 11.0.4, RealPlayer Enterprise, Mac RealPlayer 10 and 10.1, Linux RealPlayer 10, and Helix Player 10.x allows user-assisted remote attackers to execute arbitrary code via a malformed .RJS skin file that contains a web.xmb file with crafted length values. Published: 2010-01-25T19:00:00.000Z Updated: 2024-08-07T06:54:10.207Z Open on db.gcve.eu Reference links http://www.vupen.com/english/advisories/2010/0178 https://exchange.xforce.ibmcloud.com/vulnerabilities/55799 http://securitytracker.com/id?1023489 http://service.real.com/realplayer/security/01192010_player/en/ http://www.zerodayinitiative.com/advisories/ZDI-10-010/	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2009-4245`	vulnerable	2026-06-03 14:29:56.944486	Details available Heap-based buffer overflow in RealNetworks RealPlayer 10, RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741, RealPlayer 11 11.0.0 through 11.0.4, RealPlayer Enterprise, Mac RealPlayer 10 and 10.1, Linux RealPlayer 10, and Helix Player 10.x allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a compressed GIF file, related to gifcodec.cpp and gifimage.cpp. Published: 2010-01-25T19:00:00.000Z Updated: 2024-08-07T06:54:10.237Z Open on db.gcve.eu Reference links http://www.redhat.com/support/errata/RHSA-2010-0094.html http://lists.helixcommunity.org/pipermail/datatype-cvs/2008-July/008455.html http://www.vupen.com/english/advisories/2010/0178 https://helixcommunity.org/viewcvs/datatype/image/gif/common/gifcodec.cpp?view=log#rev1.7 http://osvdb.org/61969	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2009-4244`	vulnerable	2026-06-03 14:29:56.943575	Details available Heap-based buffer overflow in RealNetworks RealPlayer 10; RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741; RealPlayer 11 11.0.0 through 11.0.4; RealPlayer Enterprise; Mac RealPlayer 10, 10.1, and 11.0; Linux RealPlayer 10; and Helix Player 10.x allows remote attackers to execute arbitrary code via an SIPR codec field with a small length value that triggers incorrect memory allocation. Published: 2010-01-25T19:00:00.000Z Updated: 2024-08-07T06:54:10.240Z Open on db.gcve.eu Reference links http://www.vupen.com/english/advisories/2010/0178 http://securitytracker.com/id?1023489 http://service.real.com/realplayer/security/01192010_player/en/ http://secunia.com/advisories/38218 http://www.securityfocus.com/bid/37880	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2009-4243`	vulnerable	2026-06-03 14:29:56.942760	Details available RealNetworks RealPlayer 10, RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741, RealPlayer 11 11.0.0 through 11.0.4, RealPlayer Enterprise, Mac RealPlayer 10 and 10.1, Linux RealPlayer 10, and Helix Player 10.x allow remote attackers to have an unspecified impact via a crafted media file that uses HTTP chunked transfer coding, related to an "overflow." Published: 2010-01-25T19:00:00.000Z Updated: 2024-08-07T06:54:10.171Z Open on db.gcve.eu Reference links http://www.vupen.com/english/advisories/2010/0178 http://securitytracker.com/id?1023489 http://service.real.com/realplayer/security/01192010_player/en/ https://exchange.xforce.ibmcloud.com/vulnerabilities/55796 http://osvdb.org/61967	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2009-4242`	vulnerable	2026-06-03 14:29:56.941848	Details available Heap-based buffer overflow in the CGIFCodec::GetPacketBuffer function in datatype/image/gif/common/gifcodec.cpp in RealNetworks RealPlayer 10; RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741; RealPlayer 11 11.0.0 through 11.0.4; RealPlayer Enterprise; Mac RealPlayer 10, 10.1, and 11.0; Linux RealPlayer 10; and Helix Player 10.x allows remote attackers to execute arbitrary code via a GIF file with crafted chunk sizes that trigger improper memory allocation. Published: 2010-01-25T19:00:00.000Z Updated: 2024-08-07T06:54:10.208Z Open on db.gcve.eu Reference links http://www.redhat.com/support/errata/RHSA-2010-0094.html http://www.vupen.com/english/advisories/2010/0178 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10144 https://exchange.xforce.ibmcloud.com/vulnerabilities/55795 http://securitytracker.com/id?1023489	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2009-4241`	vulnerable	2026-06-03 14:29:56.940231	Details available Heap-based buffer overflow in RealNetworks RealPlayer 10, RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741, RealPlayer 11 11.0.0 through 11.0.4, RealPlayer Enterprise, Mac RealPlayer 10 and 10.1, Linux RealPlayer 10, and Helix Player 10.x allows remote attackers to execute arbitrary code via a file with invalid ASMRuleBook structures that trigger heap memory corruption. Published: 2010-01-25T19:00:00.000Z Updated: 2024-08-07T06:54:10.146Z Open on db.gcve.eu Reference links http://www.vupen.com/english/advisories/2010/0178 https://exchange.xforce.ibmcloud.com/vulnerabilities/55794 http://securitytracker.com/id?1023489 http://www.securityfocus.com/archive/1/509100/100/0/threaded http://service.real.com/realplayer/security/01192010_player/en/	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.

Realplayer

PURL mappings

Vulnerability references

Contribute