Show filters
65 Total Results
Displaying 61-65 of 65
Sort by:
Attacker Value
Unknown

CVE-2005-0190

Disclosure Date: September 29, 2004 (last updated February 22, 2025)
Directory traversal vulnerability in RealPlayer 10.5 (6.0.12.1040) and earlier allows remote attackers to delete arbitrary files via a Real Metadata Packages (RMP) file with a FILENAME tag containing .. (dot dot) sequences in a filename that ends with a ? (question mark) and an allowed file extension (e.g. .mp3), which bypasses the check for the file extension.
0
Attacker Value
Unknown

CVE-2003-0141

Disclosure Date: April 02, 2003 (last updated February 22, 2025)
The PNG deflate algorithm in RealOne Player 6.0.11.x and earlier, RealPlayer 8/RealPlayer Plus 8 6.0.9.584, and other versions allows remote attackers to corrupt the heap and overwrite arbitrary memory via a PNG graphic file format containing compressed data using fixed trees that contain the length values 286-287, which are treated as a very large length.
0
Attacker Value
Unknown

CVE-2002-1321

Disclosure Date: December 11, 2002 (last updated February 22, 2025)
Multiple buffer overflows in RealOne and RealPlayer allow remote attackers to execute arbitrary code via (1) a Synchronized Multimedia Integration Language (SMIL) file with a long parameter, (2) a long long filename in a rtsp:// request, e.g. from a .m3u file, or (3) certain "Now Playing" options on a downloaded file with a long filename.
0
Attacker Value
Unknown

CVE-2002-0415

Disclosure Date: August 12, 2002 (last updated February 22, 2025)
Directory traversal vulnerability in the web server used in RealPlayer 6.0.7, and possibly other versions, may allow local users to read files that are accessible to RealPlayer via a .. (dot dot) in an HTTP GET request to port 1275.
0
Attacker Value
Unknown

CVE-2000-0280

Disclosure Date: April 03, 2000 (last updated February 22, 2025)
Buffer overflow in the RealNetworks RealPlayer client versions 6 and 7 allows remote attackers to cause a denial of service via a long Location URL.
0