This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Summuary
CPE Namecpe:/a:realnetworks:realplayer:10.5
Detail
VendorRealnetworksFirst view 2004-09-29
ProductRealplayerLast view 2014-01-03
Version10.5TypeApplication
Edition 
Language 
Update 
 
CPE Productcpe:/a:realnetworks:realplayer

Activity : Overall

Related : CVE

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
 DateAlertAccess VectorAccess ComplexityAuthentication
7.52014-01-03CVE-2013-7260NetworkLowNone Requ...
9.32013-08-26CVE-2013-4974NetworkMediumNone Requ...
9.32013-08-26CVE-2013-4973NetworkMediumNone Requ...
4.32013-07-06CVE-2013-3299NetworkMediumNone Requ...
9.32013-03-20CVE-2013-1750NetworkMediumNone Requ...
Hide | Show 20 More...
 DateAlertAccess VectorAccess ComplexityAuthentication
9.32012-12-19CVE-2012-5691NetworkMediumNone Requ...
9.32012-12-19CVE-2012-5690NetworkMediumNone Requ...
7.52012-09-12CVE-2012-3234NetworkLowNone Requ...
6.82012-09-12CVE-2012-2410NetworkMediumNone Requ...
7.52012-09-12CVE-2012-2409NetworkLowNone Requ...
6.82012-09-12CVE-2012-2408NetworkMediumNone Requ...
7.52012-09-12CVE-2012-2407NetworkLowNone Requ...
9.32012-05-18CVE-2012-2411NetworkMediumNone Requ...
9.32012-05-18CVE-2012-2406NetworkMediumNone Requ...
4.32012-03-28CVE-2012-1904NetworkMediumNone Requ...
9.32011-11-24CVE-2011-4262NetworkMediumNone Requ...
9.32011-11-24CVE-2011-4261NetworkMediumNone Requ...
9.32011-11-24CVE-2011-4260NetworkMediumNone Requ...
9.32011-11-24CVE-2011-4259NetworkMediumNone Requ...
9.32011-11-24CVE-2011-4258NetworkMediumNone Requ...
9.32011-11-24CVE-2011-4257NetworkMediumNone Requ...
102011-11-24CVE-2011-4256NetworkLowNone Requ...
102011-11-24CVE-2011-4255NetworkLowNone Requ...
102011-11-24CVE-2011-4254NetworkLowNone Requ...

CWE : Common Weakness Enumeration

%idName
65% (29)CWE-119Failure to Constrain Operations within the Bounds of a Memory Buffer
22% (10)CWE-94Failure to Control Generation of Code ('Code Injection')
4% (2)CWE-189Numeric Errors
4% (2)CWE-20Improper Input Validation
2% (1)CWE-399Resource Management Errors

Oval Markup Language : Definitions

OvalIDName
oval:org.mitre.oval:def:11419Heap-based buffer overflow in RealNetworks RealPlayer 10.5 (6.0.12.1056 and e...
oval:org.mitre.oval:def:9550Integer overflow in RealNetworks RealPlayer 8, 10, and 10.5, RealOne Player 1...
oval:org.mitre.oval:def:11444Heap-based buffer overflow in the embedded player in multiple RealNetworks pr...
oval:org.mitre.oval:def:10554Stack-based buffer overflow in the SmilTimeValue::parseWallClockValue functio...
oval:org.mitre.oval:def:10144Heap-based buffer overflow in the CGIFCodec::GetPacketBuffer function in data...
Hide | Show 4 More...
idName
oval:org.mitre.oval:def:9998Heap-based buffer overflow in RealNetworks RealPlayer 10, RealPlayer 10.5 6.0...
oval:org.mitre.oval:def:10677Stack-based buffer overflow in protocol/rtsp/rtspclnt.cpp in RealNetworks Rea...
oval:org.mitre.oval:def:10641Buffer overflow in the RTSPProtocol::HandleSetParameterRequest function in cl...
oval:org.mitre.oval:def:11110Heap-based buffer overflow in datatype/smil/common/smlpkt.cpp in smlrender.dl...

Open Source Vulnerability Database (OSVDB)

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
idDescription
77286RealPlayer RTSP SETUP Request Handling Unspecified Remote Code Execution
77285RealPlayer RV20 File Decoding Unspecified Remote Code Execution
77284RealPlayer RV10 Sample Height Handling Unspecified Remote Code Execution
77283RealPlayer MP4 File Handling Unspecified Remote Code Execution
77282RealPlayer MP4 Video Dimension Handling Unspecified Remote Memory Corruption
Hide | Show 20 More...
idDescription
77281RealPlayer mp4arender.dll module esds Channel Count Handling Remote Overflow
77280RealPlayer MPG Zero Width Value Handling Remote Memory Corruption
77279RealPlayer IVR MLTI Chunk Length Handling Remote Overflow
77278RealPlayer Cook Codec Channel Handling Unspecified Remote Code Execution
77277RealPlayer RV30 Uninitialized Index Value Handling Unspecified Remote Code Ex...
77276RealPlayer Invalid Codec Name Handling Unspecified Remote Code Execution
77275RealPlayer RealAudio Sample Size Handling Unspecified Remote Code Execution
77274RealPlayer ATRC Codec Handling Unspecified Remote Code Execution
77273RealPlayer RV30 Encoded File Handling Index Unspecified Remote Code Execution
77272RealPlayer Channel Change AAC File Handling Remote Overflow
77271RealPlayer QCELP Stream Handling Unspecified Remote Code Execution
77270RealPlayer AAC Codec Handling Unspecified Remote Memory Corruption
77269RealPlayer RealVideo Rendering Handling Unspecified Remote Memory Corruption
77268RealPlayer RealVideo Rendering Handling Unspecified Remote Overflow
71260RealPlayer rvrender.dll IVR File Handling Overflow
61973RealNetworks Multiple Products smlrender.dll SMIL File Handling Overflow
61972RealNetworks Multiple Products CMediumBlockAllocator::Alloc Method Crafted RT...
61971RealNetworks Multiple Products Crafted ASM RuleBook Overflow
61970RealNetworks Multiple Products RJS Skin File Handling Overflow
61969RealNetworks Multiple Products Compressed GIF File Handling Overflow

Milw0rm Exploits

idDescription
2008-04-01Real Player rmoc3260.dll ActiveX Control Remote Code Execution Exploit
2006-12-28RealPlayer 10.5 ierpplug.dll Internet Explorer Denial of Service Exploit
2006-12-20RealPlayer 10.5 (ActiveX Control) Denial of Service Exploit

ExploitDB Exploits

idDescription
30468RealNetworks RealPlayer 16.0.3.51/16.0.2.32 - (.rmp) Version Attribute Buffer...
27460RealNetworks Multiple Products Multiple Buffer Overflow Vulnerabilities
1622RealPlayer <= 10.5 (6.0.12.1040-1348) - SWF Buffer Overflow PoC

Metasploit Exploits

idDescription
2008-03-08RealPlayer rmoc3260.dll ActiveX Control Heap Corruption
2012-12-14RealPlayer RealMedia File Handling Buffer Overflow
2007-10-18RealPlayer ierpplug.dll ActiveX Control Playlist Name Buffer Overflow
2013-12-20RealNetworks RealPlayer Version Attribute Buffer Overflow

OpenVAS Exploits

idDescription
2012-12-25Name : RealNetworks RealPlayer Code Execution Vulnerabilities - Dec12 (Win)
File : nvt/gb_realplayer_code_exec_vuln_dec12_win.nasl
2012-09-21Name : RealNetworks RealPlayer Multiple Vulnerabilities - Sep12 (Mac OS X)
File : nvt/gb_realplayer_mult_vuln_sep12_macosx.nasl
2012-09-21Name : RealNetworks RealPlayer Multiple Vulnerabilities - Sep12 (Win)
File : nvt/gb_realplayer_mult_vuln_sep12_win.nasl
2012-04-02Name : RealNetworks RealPlayer MP4 File Handling Denial of Service Vulnerability (Win)
File : nvt/gb_realplayer_mp4_file_dos_vuln_win.nasl
2011-11-29Name : RealNetworks RealPlayer Multiple Vulnerabilities Nov - 11 (Mac OS X)
File : nvt/secpod_realplayer_mult_vuln_nov11_macosx.nasl
Hide | Show 18 More...
idDescription
2011-11-29Name : RealNetworks RealPlayer Multiple Vulnerabilities Nov - 11 (Win)
File : nvt/secpod_realplayer_mult_vuln_nov11_win.nasl
2011-04-11Name : RealNetworks RealPlayer IVR File Processing Buffer Overflow Vulnerability (Wi...
File : nvt/gb_realplayer_ivr_bof_vuln_win.nasl
2010-02-15Name : CentOS Update for HelixPlayer CESA-2010:0094 centos4 i386
File : nvt/gb_CESA-2010_0094_HelixPlayer_centos4_i386.nasl
2010-02-15Name : RedHat Update for HelixPlayer RHSA-2010:0094-02
File : nvt/gb_RHSA-2010_0094-02_HelixPlayer.nasl
2010-02-02Name : RealNetworks RealPlayer ASM RuleBook BOF Vulnerability (Linux)
File : nvt/secpod_realplayer_asm_ruleboook_bof_lin.nasl
2010-02-02Name : RealNetworks RealPlayer ASM RuleBook BOF Vulnerability (Win)
File : nvt/secpod_realplayer_asm_ruleboook_bof_win.nasl
2010-02-02Name : RealNetworks RealPlayer Multiple Code Execution Vulnerabilities (Linux)
File : nvt/secpod_realplayer_mult_code_exec_vuln_lin.nasl
2010-02-02Name : RealNetworks RealPlayer Multiple Code Execution Vulnerabilities (Win)
File : nvt/secpod_realplayer_mult_code_exec_vuln_win.nasl
2010-02-02Name : RealNetworks RealPlayer SMIL file BOF Vulnerability (Linux)
File : nvt/secpod_realplayer_smil_bof_lin.nasl
2009-02-27Name : Fedora Update for HelixPlayer FEDORA-2007-0756
File : nvt/gb_fedora_2007_0756_HelixPlayer_fc7.nasl
2008-09-24Name : Gentoo Security Advisory GLSA 200603-24 (RealPlayer)
File : nvt/glsa_200603_24.nasl
2008-09-24Name : Gentoo Security Advisory GLSA 200709-05 (realplayer)
File : nvt/glsa_200709_05.nasl
2008-09-04Name : FreeBSD Ports: linux-realplayer
File : nvt/freebsd_linux-realplayer.nasl
2008-09-04Name : FreeBSD Ports: linux-realplayer
File : nvt/freebsd_linux-realplayer0.nasl
2008-09-04Name : FreeBSD Ports: linux-realplayer
File : nvt/freebsd_linux-realplayer2.nasl
2008-09-04Name : FreeBSD Ports: linux-realplayer
File : nvt/freebsd_linux-realplayer3.nasl
2008-09-04Name : FreeBSD Ports: linux-realplayer
File : nvt/freebsd_linux-realplayer4.nasl
2008-01-17Name : Debian Security Advisory DSA 915-1 (helix-player)
File : nvt/deb_915_1.nasl

Information Assurance Vulnerability Management (IAVM)

idDescription
2014-A-0013Multiple Vulnerabilities in RealPlayer
Severity : Category II - VMSKEY : V0043409
2013-A-0166Multiple Security Vulnerabilities in RealNetworks RealPlayer
Severity : Category II - VMSKEY : V0040163
2010-A-0022Multiple HelixPlayer Vulnerabilities in Red Hat Enterprise Linux 4
Severity : Category II - VMSKEY : V0022670
2007-B-0035Multiple RealPlayer Remote Code Execution Vulnerabilities
Severity : Category II - VMSKEY : V0015376

Snort® IPS/IDS

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
DateDescription
2014-01-10RealNetworks RealPlayer AutoStream.AutoStream.1 ActiveX function call access
RuleID : 9673 - Type : BROWSER-PLUGINS - Revision : 10
2014-01-10RealPlayer AutoStream.AutoStream.1 ActiveX clsid unicode access
RuleID : 9672 - Type : WEB-ACTIVEX - Revision : 7
2014-01-10RealNetworks RealPlayer AutoStream.AutoStream.1 ActiveX clsid access
RuleID : 9671 - Type : BROWSER-PLUGINS - Revision : 13
2014-01-10RealPlayer Stream Handler ActiveX clsid unicode access
RuleID : 8410 - Type : WEB-ACTIVEX - Revision : 8
2014-01-10RealNetworks RealPlayer Stream Handler ActiveX clsid access
RuleID : 8409 - Type : BROWSER-PLUGINS - Revision : 13
Hide | Show 20 More...
DateDescription
2014-01-10RealPlayer RMP Download Handler ActiveX clsid unicode access
RuleID : 8390 - Type : WEB-ACTIVEX - Revision : 7
2014-01-10RealNetworks RealPlayer RMP Download Handler ActiveX clsid access
RuleID : 8389 - Type : BROWSER-PLUGINS - Revision : 13
2014-01-10RealPlayer RNX Download Handler ActiveX clsid unicode access
RuleID : 8388 - Type : WEB-ACTIVEX - Revision : 8
2014-01-10RealNetworks RealPlayer RNX Download Handler ActiveX clsid access
RuleID : 8387 - Type : BROWSER-PLUGINS - Revision : 13
2014-01-10RealPlayer Playback Handler ActiveX clsid unicode access
RuleID : 8386 - Type : WEB-ACTIVEX - Revision : 8
2014-01-10RealNetworks RealPlayer Playback Handler ActiveX clsid access
RuleID : 8385 - Type : BROWSER-PLUGINS - Revision : 13
2014-01-10RealPlayer RAM Download Handler ActiveX clsid unicode access
RuleID : 8384 - Type : WEB-ACTIVEX - Revision : 9
2014-01-10RealNetworks RealPlayer RAM Download Handler ActiveX clsid access
RuleID : 8383 - Type : BROWSER-PLUGINS - Revision : 14
2014-01-10RealPlayer SMIL Download Handler ActiveX clsid unicode access
RuleID : 8382 - Type : WEB-ACTIVEX - Revision : 8
2014-01-10RealNetworks RealPlayer SMIL Download Handler ActiveX clsid access
RuleID : 8381 - Type : BROWSER-PLUGINS - Revision : 13
2014-01-10RealPlayer Download Handler ActiveX clsid unicode access
RuleID : 8378 - Type : WEB-ACTIVEX - Revision : 8
2014-01-10RealNetworks RealPlayer Download Handler ActiveX clsid access
RuleID : 8377 - Type : BROWSER-PLUGINS - Revision : 13
2014-01-10RealNetworks RealPlayer VIDORV30 header length buffer overflow
RuleID : 3470 - Type : FILE-MULTIMEDIA - Revision : 9
2014-11-16RealNetworks RealPlayer mpeg width integer memory underflow attempt
RuleID : 31376 - Type : FILE-MULTIMEDIA - Revision : 2
2014-01-16RealNetworks RealPlayer RealMedia URL length buffer overflow attempt
RuleID : 28962 - Type : FILE-MULTIMEDIA - Revision : 2
2014-01-16RealNetworks RealPlayer RealMedia URL length buffer overflow attempt
RuleID : 28961 - Type : FILE-MULTIMEDIA - Revision : 2
2014-01-10RealNetworks RealPlayer SWF flash file buffer overflow attempt
RuleID : 28666 - Type : FILE-FLASH - Revision : 1
2014-01-10RealNetworks RealPlayer SWF flash file buffer overflow attempt
RuleID : 28665 - Type : FILE-FLASH - Revision : 1
2014-01-10RealNetworks RealPlayer SWF flash file buffer overflow attempt
RuleID : 28664 - Type : FILE-FLASH - Revision : 1
2014-01-10ZIP file name overflow attempt
RuleID : 21484 - Type : FILE-OTHER - Revision : 10

Nessus® Vulnerability Scanner

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
idDescription
2013-12-31Name : A multimedia application on the remote Windows host is affected by a buffer o...
File : realplayer_17_0_4_61.nasl - Type : ACT_GATHER_INFO
2013-08-28Name : A multimedia application on the remote Windows host is affected by multiple v...
File : realplayer_16_0_3_51.nasl - Type : ACT_GATHER_INFO
2013-07-12Name : The remote Oracle Linux host is missing a security update.
File : oraclelinux_ELSA-2010-0094.nasl - Type : ACT_GATHER_INFO
2013-07-12Name : The remote Oracle Linux host is missing a security update.
File : oraclelinux_ELSA-2007-0605.nasl - Type : ACT_GATHER_INFO
2013-03-20Name : A multimedia application on the remote Windows host is affected by a buffer o...
File : realplayer_16_0_1_18.nasl - Type : ACT_GATHER_INFO
Hide | Show 20 More...
idDescription
2013-01-24Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2006-0257.nasl - Type : ACT_GATHER_INFO
2013-01-24Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2005-762.nasl - Type : ACT_GATHER_INFO
2012-12-18Name : A multimedia application on the remote Windows host is affected by multiple v...
File : realplayer_16_0_0_282.nasl - Type : ACT_GATHER_INFO
2012-09-12Name : A multimedia application on the remote Windows host is affected by multiple v...
File : realplayer_15_0_6_14.nasl - Type : ACT_GATHER_INFO
2012-08-01Name : The remote Scientific Linux host is missing a security update.
File : sl_20070627_HelixPlayer_on_SL4_x.nasl - Type : ACT_GATHER_INFO
2012-08-01Name : The remote Scientific Linux host is missing a security update.
File : sl_20100209_HelixPlayer_on_SL4_x.nasl - Type : ACT_GATHER_INFO
2012-05-17Name : A multimedia application on the remote Windows host is affected by multiple v...
File : realplayer_15_0_4_53.nasl - Type : ACT_GATHER_INFO
2011-12-06Name : A multimedia application on the remote Windows host is affected by multiple v...
File : realplayer_15_0_0_198.nasl - Type : ACT_GATHER_INFO
2011-04-14Name : A multimedia application on the remote Windows host is affected by multiple v...
File : realplayer_12_0_1_647.nasl - Type : ACT_GATHER_INFO
2010-02-10Name : The remote CentOS host is missing a security update.
File : centos_RHSA-2010-0094.nasl - Type : ACT_GATHER_INFO
2010-02-10Name : The remote Red Hat host is missing a security update.
File : redhat-RHSA-2010-0094.nasl - Type : ACT_GATHER_INFO
2010-01-22Name : The remote Windows application is affected by multiple buffer overflow vulner...
File : realplayer_12_0_0_319.nasl - Type : ACT_GATHER_INFO
2009-08-24Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2007-0841.nasl - Type : ACT_GATHER_INFO
2008-07-28Name : The remote Windows application is affected by at least one security vulnerabi...
File : realplayer_6_0_14_806.nasl - Type : ACT_GATHER_INFO
2008-03-12Name : The remote Windows host has an ActiveX control that is affected by heap memor...
File : realplayer_rmoc3260_activex.nasl - Type : ACT_GATHER_INFO
2008-01-07Name : The remote FreeBSD host is missing a security-related update.
File : freebsd_pkg_f762ccbbbaed11dca302000102cc8983.nasl - Type : ACT_GATHER_INFO
2007-11-06Name : The remote Fedora host is missing a security update.
File : fedora_2007-0756.nasl - Type : ACT_GATHER_INFO
2007-10-30Name : The remote Windows application is affected by several buffer overflow vulnera...
File : realplayer_6_0_12_1662.nasl - Type : ACT_GATHER_INFO
2007-10-23Name : The remote Windows host contains an application that is affected by a buffer ...
File : realplayer_playlist_handling_overflow.nasl - Type : ACT_GATHER_INFO
2007-09-24Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-200709-05.nasl - Type : ACT_GATHER_INFO