Skip to main content

Realplayer Sp

20 CVEs product

Monthly

CVE-2013-4974 CRITICAL Act Now

RealNetworks RealPlayer before 16.0.3.51, and RealPlayer SP 1.0 through 1.1.5, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a malformed. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.

Buffer Overflow Denial Of Service RCE Realplayer Realplayer Sp
NVD
CVSS 2.0
9.3
EPSS
4.9%
CVE-2013-4973 CRITICAL Act Now

Stack-based buffer overflow in RealNetworks RealPlayer before 16.0.3.51, and RealPlayer SP 1.0 through 1.1.5, allows remote attackers to execute arbitrary code via a crafted .rmp file. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 11.8% and no vendor patch available.

Buffer Overflow RCE Realplayer Realplayer Sp
NVD
CVSS 2.0
9.3
EPSS
11.8%
CVE-2013-1750 CRITICAL Act Now

Heap-based buffer overflow in RealNetworks RealPlayer before 16.0.1.18 and RealPlayer SP 1.0 through 1.1.5 allows remote attackers to execute arbitrary code via a malformed MP4 file. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.

Buffer Overflow RCE Realplayer Realplayer Sp
NVD
CVSS 2.0
9.3
EPSS
7.1%
CVE-2012-5691 CRITICAL POC THREAT Emergency

Buffer overflow in RealNetworks RealPlayer before 16.0.0.282 and RealPlayer SP 1.0 through 1.1.5 allows remote attackers to execute arbitrary code via a crafted RealMedia file. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 76.9%.

Buffer Overflow RCE Realplayer Realplayer Sp
NVD Exploit-DB
CVSS 2.0
9.3
EPSS
76.9%
Threat
5.7
CVE-2012-5690 CRITICAL Act Now

RealNetworks RealPlayer before 16.0.0.282 and RealPlayer SP 1.0 through 1.1.5 allow remote attackers to execute arbitrary code via a RealAudio file that triggers access to an invalid pointer. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.

Code Injection RCE Realplayer Realplayer Sp
NVD
CVSS 2.0
9.3
EPSS
3.4%
CVE-2012-3234 HIGH This Week

RealNetworks RealPlayer before 15.0.6.14, RealPlayer SP 1.0 through 1.1.5, and Mac RealPlayer before 12.0.1.1750 do not properly handle codec frame sizes in RealAudio files, which allows remote. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Realplayer Realplayer Sp
NVD
CVSS 2.0
7.5
EPSS
0.5%
CVE-2012-2410 MEDIUM This Month

Buffer overflow in RealNetworks RealPlayer before 15.0.6.14, RealPlayer SP 1.0 through 1.1.5, and Mac RealPlayer before 12.0.1.1750 allows remote attackers to cause a denial of service or possibly. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

Buffer Overflow Denial Of Service Realplayer Realplayer Sp
NVD
CVSS 2.0
6.8
EPSS
0.5%
CVE-2012-2409 HIGH This Week

Buffer overflow in RealNetworks RealPlayer before 15.0.6.14, RealPlayer SP 1.0 through 1.1.5, and Mac RealPlayer before 12.0.1.1750 allows remote attackers to cause a denial of service or possibly. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Realplayer Realplayer Sp
NVD
CVSS 2.0
7.5
EPSS
0.5%
CVE-2012-2408 MEDIUM This Month

The AAC SDK in RealNetworks RealPlayer before 15.0.6.14, RealPlayer SP 1.0 through 1.1.5, and Mac RealPlayer before 12.0.1.1750 allows remote attackers to cause a denial of service (heap memory. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

Buffer Overflow Denial Of Service Realplayer Realplayer Sp
NVD
CVSS 2.0
6.8
EPSS
0.4%
CVE-2012-2407 HIGH This Week

Buffer overflow in RealNetworks RealPlayer before 15.0.6.14, RealPlayer SP 1.0 through 1.1.5, and Mac RealPlayer before 12.0.1.1750 allows remote attackers to cause a denial of service or possibly. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Realplayer Realplayer Sp
NVD
CVSS 2.0
7.5
EPSS
0.5%
CVE-2012-2411 CRITICAL Act Now

Buffer overflow in RealNetworks RealPlayer before 15.0.4.53, and RealPlayer SP 1.0 through 1.1.5, allows remote attackers to execute arbitrary code via a crafted RealJukebox Media file. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.

Buffer Overflow RCE Realplayer Realplayer Sp
NVD
CVSS 2.0
9.3
EPSS
9.7%
CVE-2012-2406 CRITICAL Act Now

RealNetworks RealPlayer before 15.0.4.53, and RealPlayer SP 1.0 through 1.1.5, does not properly parse ASMRuleBook data in RealMedia files, which allows remote attackers to execute arbitrary code via. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.

RCE Realplayer Realplayer Sp
NVD
CVSS 2.0
9.3
EPSS
3.5%
CVE-2012-1904 MEDIUM POC This Month

mp4fformat.dll in the QuickTime File Format plugin in RealNetworks RealPlayer 15 and earlier, and RealPlayer SP 1.1.4 Build 12.0.0.756 and earlier, allows remote attackers to cause a denial of. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

Buffer Overflow Denial Of Service Realplayer Realplayer Sp
NVD Exploit-DB
CVSS 2.0
4.3
EPSS
5.6%
CVE-2012-0928 CRITICAL Act Now

The ATRAC codec in RealNetworks RealPlayer 11.x and 14.x through 14.0.7, RealPlayer SP 1.0 through 1.1.5, and Mac RealPlayer 12.x before 12.0.0.1703 does not properly decode samples, which allows. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.

Code Injection RCE Realplayer Realplayer Sp
NVD
CVSS 2.0
9.3
EPSS
2.1%
CVE-2012-0927 CRITICAL Act Now

Unspecified vulnerability in RealNetworks RealPlayer 11.x, 14.x, and 15.x before 15.02.71, and RealPlayer SP 1.0 through 1.1.5, allows remote attackers to execute arbitrary code via vectors involving. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.

Code Injection RCE Realplayer Realplayer Sp
NVD
CVSS 2.0
9.3
EPSS
2.1%
CVE-2012-0926 CRITICAL Act Now

The RV10 codec in RealNetworks RealPlayer 11.x, 14.x, and 15.x before 15.02.71, and RealPlayer SP 1.0 through 1.1.5, does not properly handle height and width values, which allows remote attackers to. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.

Code Injection RCE Realplayer Realplayer Sp
NVD
CVSS 2.0
9.3
EPSS
2.1%
CVE-2012-0925 CRITICAL Act Now

Unspecified vulnerability in the RV40 codec in RealNetworks RealPlayer 11.x, 14.x, and 15.x before 15.02.71, and RealPlayer SP 1.0 through 1.1.5, allows remote attackers to execute arbitrary code via. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.

Code Injection RCE Realplayer Realplayer Sp
NVD
CVSS 2.0
9.3
EPSS
2.9%
CVE-2012-0924 CRITICAL Act Now

RealNetworks RealPlayer 11.x, 14.x, and 15.x before 15.02.71, and RealPlayer SP 1.0 through 1.1.5, allows remote attackers to execute arbitrary code via vectors involving a VIDOBJ_START_CODE code in. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.

Code Injection RCE Realplayer Realplayer Sp
NVD
CVSS 2.0
9.3
EPSS
2.1%
CVE-2012-0923 CRITICAL Act Now

The RV20 codec in RealNetworks RealPlayer 11.x, 14.x, and 15.x before 15.02.71, and RealPlayer SP 1.0 through 1.1.5, does not properly handle the frame size array, which allows remote attackers to. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.

Code Injection RCE Realplayer Realplayer Sp
NVD
CVSS 2.0
9.3
EPSS
2.8%
CVE-2012-0922 CRITICAL Act Now

rvrender.dll in RealNetworks RealPlayer 11.x, 14.x, and 15.x before 15.02.71, and RealPlayer SP 1.0 through 1.1.5, allows remote attackers to execute arbitrary code via crafted flags in an RMFF file. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.

Code Injection RCE Realplayer Realplayer Sp
NVD
CVSS 2.0
9.3
EPSS
2.9%
EPSS 5% CVSS 9.3
CRITICAL Act Now

RealNetworks RealPlayer before 16.0.3.51, and RealPlayer SP 1.0 through 1.1.5, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a malformed. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.

Buffer Overflow Denial Of Service RCE +2
NVD
EPSS 12% CVSS 9.3
CRITICAL Act Now

Stack-based buffer overflow in RealNetworks RealPlayer before 16.0.3.51, and RealPlayer SP 1.0 through 1.1.5, allows remote attackers to execute arbitrary code via a crafted .rmp file. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 11.8% and no vendor patch available.

Buffer Overflow RCE Realplayer +1
NVD
EPSS 7% CVSS 9.3
CRITICAL Act Now

Heap-based buffer overflow in RealNetworks RealPlayer before 16.0.1.18 and RealPlayer SP 1.0 through 1.1.5 allows remote attackers to execute arbitrary code via a malformed MP4 file. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.

Buffer Overflow RCE Realplayer +1
NVD
EPSS 77% 5.7 CVSS 9.3
CRITICAL POC THREAT Emergency

Buffer overflow in RealNetworks RealPlayer before 16.0.0.282 and RealPlayer SP 1.0 through 1.1.5 allows remote attackers to execute arbitrary code via a crafted RealMedia file. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 76.9%.

Buffer Overflow RCE Realplayer +1
NVD Exploit-DB
EPSS 3% CVSS 9.3
CRITICAL Act Now

RealNetworks RealPlayer before 16.0.0.282 and RealPlayer SP 1.0 through 1.1.5 allow remote attackers to execute arbitrary code via a RealAudio file that triggers access to an invalid pointer. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.

Code Injection RCE Realplayer +1
NVD
EPSS 0% CVSS 7.5
HIGH This Week

RealNetworks RealPlayer before 15.0.6.14, RealPlayer SP 1.0 through 1.1.5, and Mac RealPlayer before 12.0.1.1750 do not properly handle codec frame sizes in RealAudio files, which allows remote. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Realplayer Realplayer Sp
NVD
EPSS 0% CVSS 6.8
MEDIUM This Month

Buffer overflow in RealNetworks RealPlayer before 15.0.6.14, RealPlayer SP 1.0 through 1.1.5, and Mac RealPlayer before 12.0.1.1750 allows remote attackers to cause a denial of service or possibly. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

Buffer Overflow Denial Of Service Realplayer +1
NVD
EPSS 1% CVSS 7.5
HIGH This Week

Buffer overflow in RealNetworks RealPlayer before 15.0.6.14, RealPlayer SP 1.0 through 1.1.5, and Mac RealPlayer before 12.0.1.1750 allows remote attackers to cause a denial of service or possibly. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Realplayer +1
NVD
EPSS 0% CVSS 6.8
MEDIUM This Month

The AAC SDK in RealNetworks RealPlayer before 15.0.6.14, RealPlayer SP 1.0 through 1.1.5, and Mac RealPlayer before 12.0.1.1750 allows remote attackers to cause a denial of service (heap memory. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

Buffer Overflow Denial Of Service Realplayer +1
NVD
EPSS 1% CVSS 7.5
HIGH This Week

Buffer overflow in RealNetworks RealPlayer before 15.0.6.14, RealPlayer SP 1.0 through 1.1.5, and Mac RealPlayer before 12.0.1.1750 allows remote attackers to cause a denial of service or possibly. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Realplayer +1
NVD
EPSS 10% CVSS 9.3
CRITICAL Act Now

Buffer overflow in RealNetworks RealPlayer before 15.0.4.53, and RealPlayer SP 1.0 through 1.1.5, allows remote attackers to execute arbitrary code via a crafted RealJukebox Media file. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.

Buffer Overflow RCE Realplayer +1
NVD
EPSS 4% CVSS 9.3
CRITICAL Act Now

RealNetworks RealPlayer before 15.0.4.53, and RealPlayer SP 1.0 through 1.1.5, does not properly parse ASMRuleBook data in RealMedia files, which allows remote attackers to execute arbitrary code via. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.

RCE Realplayer Realplayer Sp
NVD
EPSS 6% CVSS 4.3
MEDIUM POC This Month

mp4fformat.dll in the QuickTime File Format plugin in RealNetworks RealPlayer 15 and earlier, and RealPlayer SP 1.1.4 Build 12.0.0.756 and earlier, allows remote attackers to cause a denial of. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

Buffer Overflow Denial Of Service Realplayer +1
NVD Exploit-DB
EPSS 2% CVSS 9.3
CRITICAL Act Now

The ATRAC codec in RealNetworks RealPlayer 11.x and 14.x through 14.0.7, RealPlayer SP 1.0 through 1.1.5, and Mac RealPlayer 12.x before 12.0.0.1703 does not properly decode samples, which allows. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.

Code Injection RCE Realplayer +1
NVD
EPSS 2% CVSS 9.3
CRITICAL Act Now

Unspecified vulnerability in RealNetworks RealPlayer 11.x, 14.x, and 15.x before 15.02.71, and RealPlayer SP 1.0 through 1.1.5, allows remote attackers to execute arbitrary code via vectors involving. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.

Code Injection RCE Realplayer +1
NVD
EPSS 2% CVSS 9.3
CRITICAL Act Now

The RV10 codec in RealNetworks RealPlayer 11.x, 14.x, and 15.x before 15.02.71, and RealPlayer SP 1.0 through 1.1.5, does not properly handle height and width values, which allows remote attackers to. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.

Code Injection RCE Realplayer +1
NVD
EPSS 3% CVSS 9.3
CRITICAL Act Now

Unspecified vulnerability in the RV40 codec in RealNetworks RealPlayer 11.x, 14.x, and 15.x before 15.02.71, and RealPlayer SP 1.0 through 1.1.5, allows remote attackers to execute arbitrary code via. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.

Code Injection RCE Realplayer +1
NVD
EPSS 2% CVSS 9.3
CRITICAL Act Now

RealNetworks RealPlayer 11.x, 14.x, and 15.x before 15.02.71, and RealPlayer SP 1.0 through 1.1.5, allows remote attackers to execute arbitrary code via vectors involving a VIDOBJ_START_CODE code in. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.

Code Injection RCE Realplayer +1
NVD
EPSS 3% CVSS 9.3
CRITICAL Act Now

The RV20 codec in RealNetworks RealPlayer 11.x, 14.x, and 15.x before 15.02.71, and RealPlayer SP 1.0 through 1.1.5, does not properly handle the frame size array, which allows remote attackers to. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.

Code Injection RCE Realplayer +1
NVD
EPSS 3% CVSS 9.3
CRITICAL Act Now

rvrender.dll in RealNetworks RealPlayer 11.x, 14.x, and 15.x before 15.02.71, and RealPlayer SP 1.0 through 1.1.5, allows remote attackers to execute arbitrary code via crafted flags in an RMFF file. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.

Code Injection RCE Realplayer +1
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy