RealNetworks RealPlayer 14.0.2
Approved changes feed: RSS · Atom
cpe:2.3:a:realnetworks:realplayer:14.0.2:*:*:*:*:*:*:*
part: a version: 14.0.2 update: *
| Vendor | Realnetworks (944b0662-a257-59bc-8fc3-d9f6c6d401e0) |
|---|---|
| Product | Realplayer (51c5929e-545a-5233-af39-c6f980255b80) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from NVD CPE 2.0 feed |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2013-7260 |
vulnerable | 2026-06-03 14:33:34.408032 |
Details available
Multiple stack-based buffer overflows in RealNetworks RealPlayer before 17.0.4.61 on Windows, and Mac RealPlayer before 12.0.1.1738, allow remote attackers to execute arbitrary code via a long (1) version number or (2) encoding declaration in the XML declaration of an RMP file, a different issue than CVE-2013-6877.
Published: 2014-01-03T20:00:00.000Z
Updated: 2024-08-06T18:01:20.225Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2013-4974 |
vulnerable | 2026-06-03 14:33:20.193064 |
Details available
RealNetworks RealPlayer before 16.0.3.51, and RealPlayer SP 1.0 through 1.1.5, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a malformed RealMedia file.
Published: 2013-08-27T01:00:00.000Z
Updated: 2024-08-06T16:59:41.216Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2013-4973 |
vulnerable | 2026-06-03 14:33:20.180515 |
Details available
Stack-based buffer overflow in RealNetworks RealPlayer before 16.0.3.51, and RealPlayer SP 1.0 through 1.1.5, allows remote attackers to execute arbitrary code via a crafted .rmp file.
Published: 2013-08-27T01:00:00.000Z
Updated: 2024-08-06T16:59:41.224Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2013-3299 |
vulnerable | 2026-06-03 14:33:06.568782 |
Details available
RealNetworks RealPlayer 16.0.2.32 and earlier allows remote attackers to cause a denial of service (resource consumption or application crash) via an HTML document containing JavaScript code that constructs a long string.
Published: 2013-07-06T10:00:00.000Z
Updated: 2024-09-17T00:22:06.544Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2013-1750 |
vulnerable | 2026-06-03 14:32:51.454125 |
Details available
Heap-based buffer overflow in RealNetworks RealPlayer before 16.0.1.18 and RealPlayer SP 1.0 through 1.1.5 allows remote attackers to execute arbitrary code via a malformed MP4 file.
Published: 2013-03-20T18:00:00.000Z
Updated: 2024-09-16T22:40:03.403Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2012-5691 |
vulnerable | 2026-06-03 14:32:31.776979 |
Details available
Buffer overflow in RealNetworks RealPlayer before 16.0.0.282 and RealPlayer SP 1.0 through 1.1.5 allows remote attackers to execute arbitrary code via a crafted RealMedia file.
Published: 2012-12-19T11:00:00.000Z
Updated: 2024-09-16T20:32:36.375Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2012-5690 |
vulnerable | 2026-06-03 14:32:31.766100 |
Details available
RealNetworks RealPlayer before 16.0.0.282 and RealPlayer SP 1.0 through 1.1.5 allow remote attackers to execute arbitrary code via a RealAudio file that triggers access to an invalid pointer.
Published: 2012-12-19T11:00:00.000Z
Updated: 2024-09-16T17:08:26.701Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2012-3234 |
vulnerable | 2026-06-03 14:31:56.927176 |
Details available
RealNetworks RealPlayer before 15.0.6.14, RealPlayer SP 1.0 through 1.1.5, and Mac RealPlayer before 12.0.1.1750 do not properly handle codec frame sizes in RealAudio files, which allows remote attackers to cause a denial of service (divide-by-zero error and application crash) or possibly have unspecified other impact via a crafted file.
Published: 2012-09-12T10:00:00.000Z
Updated: 2024-08-06T19:57:50.255Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2012-2411 |
vulnerable | 2026-06-03 14:31:53.165199 |
Details available
Buffer overflow in RealNetworks RealPlayer before 15.0.4.53, and RealPlayer SP 1.0 through 1.1.5, allows remote attackers to execute arbitrary code via a crafted RealJukebox Media file.
Published: 2012-05-18T18:00:00.000Z
Updated: 2024-08-06T19:34:25.160Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2012-2410 |
vulnerable | 2026-06-03 14:31:53.163960 |
Details available
Buffer overflow in RealNetworks RealPlayer before 15.0.6.14, RealPlayer SP 1.0 through 1.1.5, and Mac RealPlayer before 12.0.1.1750 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted RealMedia file, a different vulnerability than CVE-2012-2409.
Published: 2012-09-12T10:00:00.000Z
Updated: 2024-08-06T19:34:25.309Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2012-2409 |
vulnerable | 2026-06-03 14:31:53.162803 |
Details available
Buffer overflow in RealNetworks RealPlayer before 15.0.6.14, RealPlayer SP 1.0 through 1.1.5, and Mac RealPlayer before 12.0.1.1750 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted RealMedia file, a different vulnerability than CVE-2012-2410.
Published: 2012-09-12T10:00:00.000Z
Updated: 2024-08-06T19:34:25.187Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2012-2408 |
vulnerable | 2026-06-03 14:31:53.161521 |
Details available
The AAC SDK in RealNetworks RealPlayer before 15.0.6.14, RealPlayer SP 1.0 through 1.1.5, and Mac RealPlayer before 12.0.1.1750 allows remote attackers to cause a denial of service (heap memory corruption) or possibly have unspecified other impact via a crafted AAC file that is not properly handled during decoding.
Published: 2012-09-12T10:00:00.000Z
Updated: 2024-08-06T19:34:25.814Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2012-2407 |
vulnerable | 2026-06-03 14:31:53.154149 |
Details available
Buffer overflow in RealNetworks RealPlayer before 15.0.6.14, RealPlayer SP 1.0 through 1.1.5, and Mac RealPlayer before 12.0.1.1750 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted AAC file that is not properly handled during stream-data unpacking.
Published: 2012-09-12T10:00:00.000Z
Updated: 2024-08-06T19:34:24.304Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2012-2406 |
vulnerable | 2026-06-03 14:31:53.142914 |
Details available
RealNetworks RealPlayer before 15.0.4.53, and RealPlayer SP 1.0 through 1.1.5, does not properly parse ASMRuleBook data in RealMedia files, which allows remote attackers to execute arbitrary code via a crafted file.
Published: 2012-05-18T18:00:00.000Z
Updated: 2024-08-06T19:34:25.505Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2012-1904 |
vulnerable | 2026-06-03 14:31:45.003135 |
Details available
mp4fformat.dll in the QuickTime File Format plugin in RealNetworks RealPlayer 15 and earlier, and RealPlayer SP 1.1.4 Build 12.0.0.756 and earlier, allows remote attackers to cause a denial of service (memory corruption and application crash) via a crafted MP4 file.
Published: 2012-03-28T10:00:00.000Z
Updated: 2024-08-06T19:17:26.845Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2012-0928 |
vulnerable | 2026-06-03 14:31:40.371799 |
Details available
The ATRAC codec in RealNetworks RealPlayer 11.x and 14.x through 14.0.7, RealPlayer SP 1.0 through 1.1.5, and Mac RealPlayer 12.x before 12.0.0.1703 does not properly decode samples, which allows remote attackers to execute arbitrary code via a crafted ATRAC audio file.
Published: 2012-02-08T15:00:00.000Z
Updated: 2024-09-16T23:22:15.983Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2012-0927 |
vulnerable | 2026-06-03 14:31:40.370847 |
Details available
Unspecified vulnerability in RealNetworks RealPlayer 11.x, 14.x, and 15.x before 15.02.71, and RealPlayer SP 1.0 through 1.1.5, allows remote attackers to execute arbitrary code via vectors involving the coded_frame_size value in a RealAudio audio stream.
Published: 2012-02-08T15:00:00.000Z
Updated: 2024-08-06T18:38:15.049Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2012-0926 |
vulnerable | 2026-06-03 14:31:40.369835 |
Details available
The RV10 codec in RealNetworks RealPlayer 11.x, 14.x, and 15.x before 15.02.71, and RealPlayer SP 1.0 through 1.1.5, does not properly handle height and width values, which allows remote attackers to execute arbitrary code via a crafted RV10 RealVideo video stream.
Published: 2012-02-08T15:00:00.000Z
Updated: 2024-08-06T18:38:15.063Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2012-0925 |
vulnerable | 2026-06-03 14:31:40.368867 |
Details available
Unspecified vulnerability in the RV40 codec in RealNetworks RealPlayer 11.x, 14.x, and 15.x before 15.02.71, and RealPlayer SP 1.0 through 1.1.5, allows remote attackers to execute arbitrary code via a crafted RV40 RealVideo video stream.
Published: 2012-02-08T15:00:00.000Z
Updated: 2024-08-06T18:38:15.048Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2012-0924 |
vulnerable | 2026-06-03 14:31:40.367751 |
Details available
RealNetworks RealPlayer 11.x, 14.x, and 15.x before 15.02.71, and RealPlayer SP 1.0 through 1.1.5, allows remote attackers to execute arbitrary code via vectors involving a VIDOBJ_START_CODE code in a header within a video stream.
Published: 2012-02-08T15:00:00.000Z
Updated: 2024-08-06T18:38:15.059Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2012-0923 |
vulnerable | 2026-06-03 14:31:40.366745 |
Details available
The RV20 codec in RealNetworks RealPlayer 11.x, 14.x, and 15.x before 15.02.71, and RealPlayer SP 1.0 through 1.1.5, does not properly handle the frame size array, which allows remote attackers to execute arbitrary code via a crafted RV20 RealVideo video stream.
Published: 2012-02-08T15:00:00.000Z
Updated: 2024-08-06T18:38:15.155Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2012-0922 |
vulnerable | 2026-06-03 14:31:40.350576 |
Details available
rvrender.dll in RealNetworks RealPlayer 11.x, 14.x, and 15.x before 15.02.71, and RealPlayer SP 1.0 through 1.1.5, allows remote attackers to execute arbitrary code via crafted flags in an RMFF file.
Published: 2012-02-08T15:00:00.000Z
Updated: 2024-08-06T18:38:14.998Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2011-4262 |
vulnerable | 2026-06-03 14:31:23.593597 |
Details available
Unspecified vulnerability in RealNetworks RealPlayer before 15.0.0 allows remote attackers to execute arbitrary code via a crafted MP4 file.
Published: 2011-11-24T11:00:00.000Z
Updated: 2024-09-16T18:09:12.071Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2011-4261 |
vulnerable | 2026-06-03 14:31:23.592756 |
Details available
RealNetworks RealPlayer before 15.0.0 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via crafted video dimensions in an MP4 file.
Published: 2011-11-24T11:00:00.000Z
Updated: 2024-09-17T04:04:51.433Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2011-4260 |
vulnerable | 2026-06-03 14:31:23.591842 |
Details available
RealNetworks RealPlayer before 15.0.0 allows remote attackers to execute arbitrary code via a malformed header in an MP4 file.
Published: 2011-11-24T11:00:00.000Z
Updated: 2024-09-17T03:37:53.243Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2011-4259 |
vulnerable | 2026-06-03 14:31:23.590987 |
Details available
Integer underflow in RealNetworks RealPlayer before 15.0.0 allows remote attackers to execute arbitrary code via a crafted width value in an MPG file.
Published: 2011-11-24T11:00:00.000Z
Updated: 2024-09-16T22:55:34.397Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2011-4258 |
vulnerable | 2026-06-03 14:31:23.590102 |
Details available
RealNetworks RealPlayer before 15.0.0 allows remote attackers to execute arbitrary code via a crafted length of an MLTI chunk in an IVR file.
Published: 2011-11-24T11:00:00.000Z
Updated: 2024-09-16T16:28:11.349Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2011-4257 |
vulnerable | 2026-06-03 14:31:23.589265 |
Details available
The Cook codec in RealNetworks RealPlayer before 15.0.0 allows remote attackers to execute arbitrary code via crafted channel data.
Published: 2011-11-24T11:00:00.000Z
Updated: 2024-09-16T23:31:59.986Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2011-4256 |
vulnerable | 2026-06-03 14:31:23.588392 |
Details available
The RV30 codec in RealNetworks RealPlayer before 15.0.0 and Mac RealPlayer before 12.0.0.1703 does not initialize an unspecified index value, which allows remote attackers to execute arbitrary code via unknown vectors.
Published: 2011-11-24T11:00:00.000Z
Updated: 2024-09-16T18:43:41.896Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2011-4255 |
vulnerable | 2026-06-03 14:31:23.587313 |
Details available
Unspecified vulnerability in RealNetworks RealPlayer before 15.0.0 and Mac RealPlayer before 12.0.0.1703 allows remote attackers to execute arbitrary code via an invalid codec name.
Published: 2011-11-24T11:00:00.000Z
Updated: 2024-09-16T23:56:04.028Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2011-4254 |
vulnerable | 2026-06-03 14:31:23.586263 |
Details available
RealNetworks RealPlayer before 15.0.0 allows remote attackers to execute arbitrary code via a crafted RTSP SETUP request.
Published: 2011-11-24T11:00:00.000Z
Updated: 2024-09-16T19:36:54.479Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2011-4253 |
vulnerable | 2026-06-03 14:31:23.585358 |
Details available
Unspecified vulnerability in the RV20 codec in RealNetworks RealPlayer before 15.0.0 and Mac RealPlayer before 12.0.0.1703 allows remote attackers to execute arbitrary code via unknown vectors.
Published: 2011-11-24T11:00:00.000Z
Updated: 2024-09-17T04:09:08.302Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2011-4252 |
vulnerable | 2026-06-03 14:31:23.584313 |
Details available
The RV10 codec in RealNetworks RealPlayer before 15.0.0 and Mac RealPlayer before 12.0.0.1703 allows remote attackers to execute arbitrary code via a crafted sample height.
Published: 2011-11-24T11:00:00.000Z
Updated: 2024-09-17T01:05:38.988Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2011-4251 |
vulnerable | 2026-06-03 14:31:23.583229 |
Details available
RealNetworks RealPlayer before 15.0.0 allows remote attackers to execute arbitrary code via a crafted sample size in a RealAudio file.
Published: 2011-11-24T11:00:00.000Z
Updated: 2024-09-17T01:22:04.839Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2011-4250 |
vulnerable | 2026-06-03 14:31:23.582388 |
Details available
Unspecified vulnerability in the ATRC codec in RealNetworks RealPlayer before 15.0.0 and Mac RealPlayer before 12.0.0.1703 allows remote attackers to execute arbitrary code via unknown vectors.
Published: 2011-11-24T11:00:00.000Z
Updated: 2024-09-16T22:03:36.840Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2011-4249 |
vulnerable | 2026-06-03 14:31:23.581280 |
Details available
Array index error in the RV30 codec in RealNetworks RealPlayer before 15.0.0 allows remote attackers to execute arbitrary code via unspecified vectors.
Published: 2011-11-24T11:00:00.000Z
Updated: 2024-09-17T02:41:43.627Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2011-4248 |
vulnerable | 2026-06-03 14:31:23.580401 |
Details available
RealNetworks RealPlayer before 15.0.0 allows remote attackers to execute arbitrary code via a malformed AAC file.
Published: 2011-11-24T11:00:00.000Z
Updated: 2024-09-17T00:20:36.612Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2011-4247 |
vulnerable | 2026-06-03 14:31:23.579475 |
Details available
RealNetworks RealPlayer before 15.0.0 allows remote attackers to execute arbitrary code via a crafted QCELP stream.
Published: 2011-11-24T11:00:00.000Z
Updated: 2024-09-17T00:17:10.888Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2011-4246 |
vulnerable | 2026-06-03 14:31:23.578565 |
Details available
The AAC codec in RealNetworks RealPlayer before 15.0.0 and Mac RealPlayer before 12.0.0.1703 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.
Published: 2011-11-24T11:00:00.000Z
Updated: 2024-09-16T19:19:20.805Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2011-4245 |
vulnerable | 2026-06-03 14:31:23.577442 |
Details available
The RealVideo renderer in RealNetworks RealPlayer before 15.0.0 and Mac RealPlayer before 12.0.0.1703 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.
Published: 2011-11-24T11:00:00.000Z
Updated: 2024-09-16T17:29:02.686Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2011-4244 |
vulnerable | 2026-06-03 14:31:23.568540 |
Details available
Heap-based buffer overflow in the RealVideo renderer in RealNetworks RealPlayer before 15.0.0 allows remote attackers to execute arbitrary code via unspecified vectors.
Published: 2011-11-24T11:00:00.000Z
Updated: 2024-09-16T20:16:31.981Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2011-2955 |
vulnerable | 2026-06-03 14:31:11.428132 |
Details available
Use-after-free vulnerability in RealNetworks RealPlayer 11.0 through 11.1 and 14.0.0 through 14.0.5, RealPlayer SP 1.0 through 1.1.5, and RealPlayer Enterprise 2.0 through 2.1.5, when an Embedded RealPlayer is used, allows remote attackers to execute arbitrary code via vectors related to a modal dialog.
Published: 2011-08-18T23:00:00.000Z
Updated: 2024-08-06T23:15:32.095Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2011-2954 |
vulnerable | 2026-06-03 14:31:11.427485 |
Details available
Use-after-free vulnerability in the AutoUpdate feature in RealNetworks RealPlayer 11.0 through 11.1 and 14.0.0 through 14.0.5 and RealPlayer SP 1.0 through 1.1.5, when an Embedded RealPlayer is used, allows remote attackers to execute arbitrary code via unspecified vectors.
Published: 2011-08-18T23:00:00.000Z
Updated: 2024-08-06T23:15:32.086Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2011-2953 |
vulnerable | 2026-06-03 14:31:11.426746 |
Details available
An unspecified ActiveX control in the browser plugin in RealNetworks RealPlayer 11.0 through 11.1 and 14.0.0 through 14.0.5, RealPlayer SP 1.0 through 1.1.5, and RealPlayer Enterprise 2.0 through 2.1.5 allows remote attackers to execute arbitrary code via unknown vectors, related to an out-of-bounds condition.
Published: 2011-08-18T23:00:00.000Z
Updated: 2024-08-06T23:15:31.942Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2011-2952 |
vulnerable | 2026-06-03 14:31:11.425895 |
Details available
Use-after-free vulnerability in RealNetworks RealPlayer 11.0 through 11.1 and 14.0.0 through 14.0.5, RealPlayer SP 1.0 through 1.1.5, and RealPlayer Enterprise 2.0 through 2.1.5 allows remote attackers to execute arbitrary code via vectors related to a dialog box.
Published: 2011-08-18T23:00:00.000Z
Updated: 2024-08-06T23:15:31.942Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2011-2951 |
vulnerable | 2026-06-03 14:31:11.425215 |
Details available
Buffer overflow in RealNetworks RealPlayer 11.0 through 11.1 and 14.0.0 through 14.0.5, RealPlayer SP 1.0 through 1.1.5, and Mac RealPlayer 12.0.0.1569 allows remote attackers to execute arbitrary code via a crafted raw_data_frame field in an AAC file.
Published: 2011-08-18T23:00:00.000Z
Updated: 2024-08-06T23:15:32.040Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2011-2950 |
vulnerable | 2026-06-03 14:31:11.424548 |
Details available
Heap-based buffer overflow in qcpfformat.dll in RealNetworks RealPlayer 11.0 through 11.1 and 14.0.0 through 14.0.5 and RealPlayer SP 1.0 through 1.1.5 allows remote attackers to execute arbitrary code via a crafted QCP file.
Published: 2011-08-18T23:00:00.000Z
Updated: 2024-08-06T23:15:31.952Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2011-2949 |
vulnerable | 2026-06-03 14:31:11.423772 |
Details available
Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through 11.1 and 14.0.0 through 14.0.5, RealPlayer SP 1.0 through 1.1.5, and RealPlayer Enterprise 2.0 through 2.1.5 allows remote attackers to execute arbitrary code via crafted ID3v2 tags in an MP3 file.
Published: 2011-08-18T23:00:00.000Z
Updated: 2024-08-06T23:15:31.953Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2011-2948 |
vulnerable | 2026-06-03 14:31:11.414514 |
Details available
RealNetworks RealPlayer 11.0 through 11.1 and 14.0.0 through 14.0.5, RealPlayer SP 1.0 through 1.1.5, RealPlayer Enterprise 2.0 through 2.1.5, and Mac RealPlayer 12.0.0.1569 do not properly handle DEFINEFONT fields in SWF files, which allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a crafted file.
Published: 2011-08-18T23:00:00.000Z
Updated: 2024-08-06T23:15:31.991Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2011-2947 |
vulnerable | 2026-06-03 14:31:11.413739 |
Details available
Cross-zone scripting vulnerability in the RealPlayer ActiveX control in RealNetworks RealPlayer 11.0 through 11.1 and 14.0.0 through 14.0.5 and RealPlayer SP 1.0 through 1.1.5 allows remote attackers to inject arbitrary web script or HTML in the Local Zone via a local HTML document.
Published: 2011-08-18T23:00:00.000Z
Updated: 2024-08-06T23:15:31.947Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2011-2946 |
vulnerable | 2026-06-03 14:31:11.412979 |
Details available
Unspecified vulnerability in an ActiveX control in RealNetworks RealPlayer 11.0 through 11.1 and 14.0.0 through 14.0.5, RealPlayer SP 1.0 through 1.1.5, and RealPlayer Enterprise 2.0 through 2.1.5 allows remote attackers to execute arbitrary code via unknown vectors.
Published: 2011-08-18T23:00:00.000Z
Updated: 2024-08-06T23:15:32.055Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2011-2945 |
vulnerable | 2026-06-03 14:31:11.412288 |
Details available
Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through 11.1 and 14.0.0 through 14.0.5 and RealPlayer SP 1.0 through 1.1.5 allows remote attackers to execute arbitrary code via a crafted SIPR stream.
Published: 2011-08-18T23:00:00.000Z
Updated: 2024-08-06T23:15:32.025Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2011-1426 |
vulnerable | 2026-06-03 14:31:01.400809 |
Details available
The OpenURLInDefaultBrowser method in RealNetworks RealPlayer 11.0 through 11.1 and 14.0.0 through 14.0.2, and RealPlayer SP 1.0 through 1.1.5, launches a default handler for the filename specified in the first argument, which allows remote attackers to execute arbitrary code via a .rnx filename corresponding to a crafted RNX file.
Published: 2011-04-18T18:00:00.000Z
Updated: 2024-08-06T22:28:41.342Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2011-1221 |
vulnerable | 2026-06-03 14:30:59.718841 |
Details available
Cross-zone scripting vulnerability in the RealPlayer ActiveX control in RealNetworks RealPlayer 11.0 through 11.1 and 14.0.0 through 14.0.5, RealPlayer SP 1.0 through 1.1.5, and RealPlayer Enterprise 2.0 through 2.1.5 allows remote attackers to inject arbitrary web script or HTML in the Local Zone via a local HTML document, a different vulnerability than CVE-2011-2947.
Published: 2011-10-04T22:00:00.000Z
Updated: 2024-09-17T02:32:51.446Z Reference links |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.