GCVE - cpe:2.3:a:realnetworks:realplayer:15.0.0:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:realnetworks:realplayer:15.0.0:*:*:*:*:*:*:*

part: a version: 15.0.0 update: *

Vendor	Realnetworks (`944b0662-a257-59bc-8fc3-d9f6c6d401e0`)
Product	Realplayer (`51c5929e-545a-5233-af39-c6f980255b80`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from NVD CPE 2.0 feed

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2013-7260`	vulnerable	2026-06-03 14:33:34.410128	Details available Multiple stack-based buffer overflows in RealNetworks RealPlayer before 17.0.4.61 on Windows, and Mac RealPlayer before 12.0.1.1738, allow remote attackers to execute arbitrary code via a long (1) version number or (2) encoding declaration in the XML declaration of an RMP file, a different issue than CVE-2013-6877. Published: 2014-01-03T20:00:00.000Z Updated: 2024-08-06T18:01:20.225Z Open on db.gcve.eu Reference links http://www.securityfocus.com/bid/64695 http://www.exploit-db.com/exploits/30468/ https://exchange.xforce.ibmcloud.com/vulnerabilities/90160 http://www.kb.cert.org/vuls/id/698278 http://service.real.com/realplayer/security/12202013_player/en/	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2013-4974`	vulnerable	2026-06-03 14:33:20.193133	Details available RealNetworks RealPlayer before 16.0.3.51, and RealPlayer SP 1.0 through 1.1.5, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a malformed RealMedia file. Published: 2013-08-27T01:00:00.000Z Updated: 2024-08-06T16:59:41.216Z Open on db.gcve.eu Reference links http://www.securityfocus.com/bid/61990 http://service.real.com/realplayer/security/08232013_player/en/	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2013-4973`	vulnerable	2026-06-03 14:33:20.182618	Details available Stack-based buffer overflow in RealNetworks RealPlayer before 16.0.3.51, and RealPlayer SP 1.0 through 1.1.5, allows remote attackers to execute arbitrary code via a crafted .rmp file. Published: 2013-08-27T01:00:00.000Z Updated: 2024-08-06T16:59:41.224Z Open on db.gcve.eu Reference links http://www.securityfocus.com/bid/61989 http://service.real.com/realplayer/security/08232013_player/en/ http://www.kb.cert.org/vuls/id/246524	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2013-3299`	vulnerable	2026-06-03 14:33:06.570864	Details available RealNetworks RealPlayer 16.0.2.32 and earlier allows remote attackers to cause a denial of service (resource consumption or application crash) via an HTML document containing JavaScript code that constructs a long string. Published: 2013-07-06T10:00:00.000Z Updated: 2024-09-17T00:22:06.544Z Open on db.gcve.eu Reference links http://seclists.org/bugtraq/2013/Jul/18	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2013-1750`	vulnerable	2026-06-03 14:32:51.456273	Details available Heap-based buffer overflow in RealNetworks RealPlayer before 16.0.1.18 and RealPlayer SP 1.0 through 1.1.5 allows remote attackers to execute arbitrary code via a malformed MP4 file. Published: 2013-03-20T18:00:00.000Z Updated: 2024-09-16T22:40:03.403Z Open on db.gcve.eu Reference links http://service.real.com/realplayer/security/03152013_player/en/	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2012-5691`	vulnerable	2026-06-03 14:32:31.777046	Details available Buffer overflow in RealNetworks RealPlayer before 16.0.0.282 and RealPlayer SP 1.0 through 1.1.5 allows remote attackers to execute arbitrary code via a crafted RealMedia file. Published: 2012-12-19T11:00:00.000Z Updated: 2024-09-16T20:32:36.375Z Open on db.gcve.eu Reference links http://service.real.com/realplayer/security/12142012_player/en/	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2012-5690`	vulnerable	2026-06-03 14:32:31.768254	Details available RealNetworks RealPlayer before 16.0.0.282 and RealPlayer SP 1.0 through 1.1.5 allow remote attackers to execute arbitrary code via a RealAudio file that triggers access to an invalid pointer. Published: 2012-12-19T11:00:00.000Z Updated: 2024-09-16T17:08:26.701Z Open on db.gcve.eu Reference links http://service.real.com/realplayer/security/12142012_player/en/	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2012-2411`	vulnerable	2026-06-03 14:31:53.165265	Details available Buffer overflow in RealNetworks RealPlayer before 15.0.4.53, and RealPlayer SP 1.0 through 1.1.5, allows remote attackers to execute arbitrary code via a crafted RealJukebox Media file. Published: 2012-05-18T18:00:00.000Z Updated: 2024-08-06T19:34:25.160Z Open on db.gcve.eu Reference links http://secunia.com/advisories/49193 http://www.securitytracker.com/id?1027076 http://service.real.com/realplayer/security/05152012_player/en/ https://exchange.xforce.ibmcloud.com/vulnerabilities/75648 http://osvdb.org/81944	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2012-2406`	vulnerable	2026-06-03 14:31:53.144931	Details available RealNetworks RealPlayer before 15.0.4.53, and RealPlayer SP 1.0 through 1.1.5, does not properly parse ASMRuleBook data in RealMedia files, which allows remote attackers to execute arbitrary code via a crafted file. Published: 2012-05-18T18:00:00.000Z Updated: 2024-08-06T19:34:25.505Z Open on db.gcve.eu Reference links http://secunia.com/advisories/49193 http://www.securitytracker.com/id?1027076 http://service.real.com/realplayer/security/05152012_player/en/ https://exchange.xforce.ibmcloud.com/vulnerabilities/75647 http://osvdb.org/81943	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2012-0927`	vulnerable	2026-06-03 14:31:40.371118	Details available Unspecified vulnerability in RealNetworks RealPlayer 11.x, 14.x, and 15.x before 15.02.71, and RealPlayer SP 1.0 through 1.1.5, allows remote attackers to execute arbitrary code via vectors involving the coded_frame_size value in a RealAudio audio stream. Published: 2012-02-08T15:00:00.000Z Updated: 2024-08-06T18:38:15.049Z Open on db.gcve.eu Reference links http://secunia.com/advisories/47896 http://service.real.com/realplayer/security/02062012_player/en/	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2012-0926`	vulnerable	2026-06-03 14:31:40.370109	Details available The RV10 codec in RealNetworks RealPlayer 11.x, 14.x, and 15.x before 15.02.71, and RealPlayer SP 1.0 through 1.1.5, does not properly handle height and width values, which allows remote attackers to execute arbitrary code via a crafted RV10 RealVideo video stream. Published: 2012-02-08T15:00:00.000Z Updated: 2024-08-06T18:38:15.063Z Open on db.gcve.eu Reference links http://secunia.com/advisories/47896 http://service.real.com/realplayer/security/02062012_player/en/	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2012-0925`	vulnerable	2026-06-03 14:31:40.369147	Details available Unspecified vulnerability in the RV40 codec in RealNetworks RealPlayer 11.x, 14.x, and 15.x before 15.02.71, and RealPlayer SP 1.0 through 1.1.5, allows remote attackers to execute arbitrary code via a crafted RV40 RealVideo video stream. Published: 2012-02-08T15:00:00.000Z Updated: 2024-08-06T18:38:15.048Z Open on db.gcve.eu Reference links http://secunia.com/advisories/47896 https://exchange.xforce.ibmcloud.com/vulnerabilities/73021 http://service.real.com/realplayer/security/02062012_player/en/ http://www.securityfocus.com/bid/51887 http://osvdb.org/78914	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2012-0924`	vulnerable	2026-06-03 14:31:40.368029	Details available RealNetworks RealPlayer 11.x, 14.x, and 15.x before 15.02.71, and RealPlayer SP 1.0 through 1.1.5, allows remote attackers to execute arbitrary code via vectors involving a VIDOBJ_START_CODE code in a header within a video stream. Published: 2012-02-08T15:00:00.000Z Updated: 2024-08-06T18:38:15.059Z Open on db.gcve.eu Reference links http://secunia.com/advisories/47896 http://service.real.com/realplayer/security/02062012_player/en/	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2012-0923`	vulnerable	2026-06-03 14:31:40.367030	Details available The RV20 codec in RealNetworks RealPlayer 11.x, 14.x, and 15.x before 15.02.71, and RealPlayer SP 1.0 through 1.1.5, does not properly handle the frame size array, which allows remote attackers to execute arbitrary code via a crafted RV20 RealVideo video stream. Published: 2012-02-08T15:00:00.000Z Updated: 2024-08-06T18:38:15.155Z Open on db.gcve.eu Reference links http://secunia.com/advisories/47896 http://service.real.com/realplayer/security/02062012_player/en/ http://osvdb.org/78912 http://www.securityfocus.com/bid/51884	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2012-0922`	vulnerable	2026-06-03 14:31:40.360241	Details available rvrender.dll in RealNetworks RealPlayer 11.x, 14.x, and 15.x before 15.02.71, and RealPlayer SP 1.0 through 1.1.5, allows remote attackers to execute arbitrary code via crafted flags in an RMFF file. Published: 2012-02-08T15:00:00.000Z Updated: 2024-08-06T18:38:14.998Z Open on db.gcve.eu Reference links http://secunia.com/advisories/47896 https://exchange.xforce.ibmcloud.com/vulnerabilities/73018 http://service.real.com/realplayer/security/02062012_player/en/ http://osvdb.org/78911 http://www.securityfocus.com/bid/51883	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.