Shodan
Vulnerabilities
Vulnerable Software
Realnetworks:  Security Vulnerabilities
CVE-2012-2268
master.exe in the SNMP Master Agent in RealNetworks Helix Server and Helix Mobile Server 14.x before 14.3.x allows remote attackers to cause a denial of service (unhandled exception and daemon crash) via a crafted Open-PDU request that triggers incorrect DisplayString processing, a different vulnerability than CVE-2012-1923.
CVSS Score
5.0
EPSS Score
0.006
Published
2012-04-17
CVE-2012-0942
Buffer overflow in rn5auth.dll in RealNetworks Helix Server and Helix Mobile Server 14.x before 14.3.x allows remote attackers to execute arbitrary code via crafted authentication credentials.
CVSS Score
7.5
EPSS Score
0.037
Published
2012-04-17
CVE-2012-1923
RealNetworks Helix Server and Helix Mobile Server 14.x before 14.3.x store passwords in cleartext under adm_b_db\users\, which allows local users to obtain sensitive information by reading a database.
CVSS Score
2.1
EPSS Score
0.002
Published
2012-04-17
CVE-2012-1984
Multiple cross-site scripting (XSS) vulnerabilities in RealNetworks Helix Server and Helix Mobile Server 14.x before 14.3.x allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVSS Score
4.3
EPSS Score
0.003
Published
2012-04-17
CVE-2012-1904
mp4fformat.dll in the QuickTime File Format plugin in RealNetworks RealPlayer 15 and earlier, and RealPlayer SP 1.1.4 Build 12.0.0.756 and earlier, allows remote attackers to cause a denial of service (memory corruption and application crash) via a crafted MP4 file.
CVSS Score
4.3
EPSS Score
0.108
Published
2012-03-28
CVE-2012-0928
The ATRAC codec in RealNetworks RealPlayer 11.x and 14.x through 14.0.7, RealPlayer SP 1.0 through 1.1.5, and Mac RealPlayer 12.x before 12.0.0.1703 does not properly decode samples, which allows remote attackers to execute arbitrary code via a crafted ATRAC audio file.
CVSS Score
9.3
EPSS Score
0.034
Published
2012-02-08
CVE-2012-0922
rvrender.dll in RealNetworks RealPlayer 11.x, 14.x, and 15.x before 15.02.71, and RealPlayer SP 1.0 through 1.1.5, allows remote attackers to execute arbitrary code via crafted flags in an RMFF file.
CVSS Score
9.3
EPSS Score
0.046
Published
2012-02-08
CVE-2012-0923
The RV20 codec in RealNetworks RealPlayer 11.x, 14.x, and 15.x before 15.02.71, and RealPlayer SP 1.0 through 1.1.5, does not properly handle the frame size array, which allows remote attackers to execute arbitrary code via a crafted RV20 RealVideo video stream.
CVSS Score
9.3
EPSS Score
0.044
Published
2012-02-08
CVE-2012-0924
RealNetworks RealPlayer 11.x, 14.x, and 15.x before 15.02.71, and RealPlayer SP 1.0 through 1.1.5, allows remote attackers to execute arbitrary code via vectors involving a VIDOBJ_START_CODE code in a header within a video stream.
CVSS Score
9.3
EPSS Score
0.034
Published
2012-02-08
CVE-2012-0925
Unspecified vulnerability in the RV40 codec in RealNetworks RealPlayer 11.x, 14.x, and 15.x before 15.02.71, and RealPlayer SP 1.0 through 1.1.5, allows remote attackers to execute arbitrary code via a crafted RV40 RealVideo video stream.
CVSS Score
9.3
EPSS Score
0.046
Published
2012-02-08


Products
Pricing
Contact Us

Shodan ® - All rights reserved