Shodan
Vulnerabilities
Vulnerable Software
Realnetworks:  >> Realone Player  >> 9.0.0.297  Security Vulnerabilities
CVE-2007-3410
Stack-based buffer overflow in the SmilTimeValue::parseWallClockValue function in smlprstime.cpp in RealNetworks RealPlayer 10, 10.1, and possibly 10.5, RealOne Player, RealPlayer Enterprise, and Helix Player 10.5-GOLD and 10.0.5 through 10.0.8, allows remote attackers to execute arbitrary code via an SMIL (SMIL2) file with a long wallclock value.
CVSS Score
9.3
EPSS Score
0.387
Published
2007-06-26
CVE-2006-0323
Buffer overflow in swfformat.dll in multiple RealNetworks products and versions including RealPlayer 10.x, RealOne Player, Rhapsody 3, and Helix Player allows remote attackers to execute arbitrary code via a crafted SWF (Flash) file with (1) a size value that is less than the actual size, or (2) other unspecified manipulations.
CVSS Score
9.3
EPSS Score
0.275
Published
2006-03-23
CVE-2005-2922
Heap-based buffer overflow in the embedded player in multiple RealNetworks products and versions including RealPlayer 10.x, RealOne Player, and Helix Player allows remote malicious servers to cause a denial of service (crash) and possibly execute arbitrary code via a chunked Transfer-Encoding HTTP response in which either (1) the chunk header length is specified as -1, (2) the chunk header with a length that is less than the actual amount of sent data, or (3) a missing chunk header.
CVSS Score
9.3
EPSS Score
0.044
Published
2005-12-31
CVE-2004-1481
Integer overflow in pnen3260.dll in RealPlayer 8 through 10.5 (6.0.12.1040) and earlier, and RealOne Player 1 or 2 on Windows or Mac OS, allows remote attackers to execute arbitrary code via a SMIL file and a .rm movie file with a large length field for the data chunk, which leads to a heap-based buffer overflow.
CVSS Score
5.1
EPSS Score
0.046
Published
2004-12-31
CVE-2004-0387
Stack-based buffer overflow in the RT3 plugin, as used in RealPlayer 8, RealOne Player, RealOne Player 10 beta, and RealOne Player Enterprise, allows remote attackers to execute arbitrary code via a malformed .R3T file.
CVSS Score
5.1
EPSS Score
0.063
Published
2004-06-01
CVE-2003-0141
The PNG deflate algorithm in RealOne Player 6.0.11.x and earlier, RealPlayer 8/RealPlayer Plus 8 6.0.9.584, and other versions allows remote attackers to corrupt the heap and overwrite arbitrary memory via a PNG graphic file format containing compressed data using fixed trees that contain the length values 286-287, which are treated as a very large length.
CVSS Score
5.1
EPSS Score
0.002
Published
2003-04-02


Products
Pricing
Contact Us

Shodan ® - All rights reserved