This CPE summary could be partial or incomplete. Please contact us for a detailed listing.
Summary
| Summuary | |
|---|---|
| CPE Name | cpe:/a:realnetworks:realplayer:11.0 |
| Detail | |||
|---|---|---|---|
| Vendor | Realnetworks | First view | 2010-01-25 |
| Product | Realplayer | Last view | 2013-03-20 |
| Version | 11.0 | Type | Application |
| Edition | |||
| Language | |||
| Update | |||
| CPE Product | cpe:/a:realnetworks:realplayer | ||
Activity : Yearly
Related : CVE
This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
| Date | Alert | Access Vector | Access Complexity | Authentification | ||
|---|---|---|---|---|---|---|
| 9.3 | 2013-03-20 | CVE-2013-1750 | Network | Medium | None Requ... | |
| 9.3 | 2012-12-19 | CVE-2012-5691 | Network | Medium | None Requ... | |
| 9.3 | 2012-12-19 | CVE-2012-5690 | Network | Medium | None Requ... | |
| 7.5 | 2012-09-12 | CVE-2012-3234 | Network | Low | None Requ... | |
| 6.8 | 2012-09-12 | CVE-2012-2410 | Network | Medium | None Requ... | |
| Date | Alert | Access Vector | Access Complexity | Authentification | ||
|---|---|---|---|---|---|---|
| 7.5 | 2012-09-12 | CVE-2012-2409 | Network | Low | None Requ... | |
| 6.8 | 2012-09-12 | CVE-2012-2408 | Network | Medium | None Requ... | |
| 7.5 | 2012-09-12 | CVE-2012-2407 | Network | Low | None Requ... | |
| 9.3 | 2012-05-18 | CVE-2012-2411 | Network | Medium | None Requ... | |
| 9.3 | 2012-05-18 | CVE-2012-2406 | Network | Medium | None Requ... | |
| 4.3 | 2012-03-28 | CVE-2012-1904 | Network | Medium | None Requ... | |
| 9.3 | 2012-02-08 | CVE-2012-0928 | Network | Medium | None Requ... | |
| 9.3 | 2012-02-08 | CVE-2012-0927 | Network | Medium | None Requ... | |
| 9.3 | 2012-02-08 | CVE-2012-0926 | Network | Medium | None Requ... | |
| 9.3 | 2012-02-08 | CVE-2012-0925 | Network | Medium | None Requ... | |
| 9.3 | 2012-02-08 | CVE-2012-0924 | Network | Medium | None Requ... | |
| 9.3 | 2012-02-08 | CVE-2012-0923 | Network | Medium | None Requ... | |
| 9.3 | 2012-02-08 | CVE-2012-0922 | Network | Medium | None Requ... | |
| 9.3 | 2011-11-24 | CVE-2011-4262 | Network | Medium | None Requ... | |
| 9.3 | 2011-11-24 | CVE-2011-4261 | Network | Medium | None Requ... | |
| 9.3 | 2011-11-24 | CVE-2011-4260 | Network | Medium | None Requ... | |
| 9.3 | 2011-11-24 | CVE-2011-4259 | Network | Medium | None Requ... | |
| 9.3 | 2011-11-24 | CVE-2011-4258 | Network | Medium | None Requ... | |
| 9.3 | 2011-11-24 | CVE-2011-4257 | Network | Medium | None Requ... |
CWE : Common Weakness Enumeration
| % | id | Name |
|---|---|---|
| 56% (51) | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
| 21% (19) | CWE-94 | Failure to Control Generation of Code ('Code Injection') |
| 7% (7) | CWE-189 | Numeric Errors |
| 6% (6) | CWE-20 | Improper Input Validation |
| 4% (4) | CWE-399 | Resource Management Errors |
| % | id | Name |
|---|---|---|
| 2% (2) | CWE-79 | Failure to Preserve Web Page Structure ('Cross-site Scripting') |
| 1% (1) | CWE-264 | Permissions, Privileges, and Access Controls |
Oval Markup Language : Definitions
| OvalID | Name |
|---|---|
| oval:org.mitre.oval:def:10144 | Heap-based buffer overflow in the CGIFCodec::GetPacketBuffer function in data... |
| oval:org.mitre.oval:def:9998 | Heap-based buffer overflow in RealNetworks RealPlayer 10, RealPlayer 10.5 6.0... |
| oval:org.mitre.oval:def:10677 | Stack-based buffer overflow in protocol/rtsp/rtspclnt.cpp in RealNetworks Rea... |
| oval:org.mitre.oval:def:10641 | Buffer overflow in the RTSPProtocol::HandleSetParameterRequest function in cl... |
| oval:org.mitre.oval:def:11110 | Heap-based buffer overflow in datatype/smil/common/smlpkt.cpp in smlrender.dl... |
| id | Name |
|---|---|
| oval:org.mitre.oval:def:7326 | Integer overflow vulnerability in RealNetworks RealPlayer 11.0 through 11.1 a... |
| oval:org.mitre.oval:def:7169 | Vulnerability in RealPlayer 11.0 through 11.1 and RealPlayer SP 1.0 through 1... |
| oval:org.mitre.oval:def:6807 | Heap-based buffer overflow vulnerability in RealNetworks RealPlayer 11.0 thro... |
| oval:org.mitre.oval:def:6703 | Array index error vulnerability in RealNetworks RealPlayer 11.0 through 11.1 |
| oval:org.mitre.oval:def:6651 | Multiple integer overflows in the ParseKnownType function in RealNetworks Rea... |
| oval:org.mitre.oval:def:7507 | Unspecified vulnerability in an ActiveX control in the Internet Explorer (IE)... |
| oval:org.mitre.oval:def:7227 | Unspecified vulnerability in RealNetworks RealPlayer 11.0 through 11.1 allows... |
Open Source Vulnerability Database (OSVDB)
This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
| id | Description |
|---|---|
| 77286 | RealPlayer RTSP SETUP Request Handling Unspecified Remote Code Execution |
| 77285 | RealPlayer RV20 File Decoding Unspecified Remote Code Execution |
| 77284 | RealPlayer RV10 Sample Height Handling Unspecified Remote Code Execution |
| 77283 | RealPlayer MP4 File Handling Unspecified Remote Code Execution |
| 77282 | RealPlayer MP4 Video Dimension Handling Unspecified Remote Memory Corruption |
| id | Description |
|---|---|
| 77281 | RealPlayer mp4arender.dll module esds Channel Count Handling Remote Overflow |
| 77280 | RealPlayer MPG Zero Width Value Handling Remote Memory Corruption |
| 77279 | RealPlayer IVR MLTI Chunk Length Handling Remote Overflow |
| 77278 | RealPlayer Cook Codec Channel Handling Unspecified Remote Code Execution |
| 77277 | RealPlayer RV30 Uninitialized Index Value Handling Unspecified Remote Code Ex... |
| 77276 | RealPlayer Invalid Codec Name Handling Unspecified Remote Code Execution |
| 77275 | RealPlayer RealAudio Sample Size Handling Unspecified Remote Code Execution |
| 77274 | RealPlayer ATRC Codec Handling Unspecified Remote Code Execution |
| 77273 | RealPlayer RV30 Encoded File Handling Index Unspecified Remote Code Execution |
| 77272 | RealPlayer Channel Change AAC File Handling Remote Overflow |
| 77271 | RealPlayer QCELP Stream Handling Unspecified Remote Code Execution |
| 77270 | RealPlayer AAC Codec Handling Unspecified Remote Memory Corruption |
| 77269 | RealPlayer RealVideo Rendering Handling Unspecified Remote Memory Corruption |
| 77268 | RealPlayer RealVideo Rendering Handling Unspecified Remote Overflow |
| 76074 | RealPlayer Local HTML File Cross-Zone Scripting Remote Code Execution (2011-1... |
| 74555 | RealPlayer ActiveX Control Embedded Modal Dialog Unspecified Use-after-free I... |
| 74554 | RealPlayer ActiveX Control Embedded AutoUpdate Unspecified Use-after-free Issue |
| 74553 | RealPlayer ActiveX Control Unspecified Out-of-bounds Issue |
| 74552 | RealPlayer AAC raw_data_frame Element Parsing Overflow |
| 74551 | RealPlayer pngu3267.dll Use-after-free Dialog Box Handling Memory Corruption |
ExploitDB Exploits
| id | Description |
|---|---|
| 14992 | MOAUB #13 - RealPlayer FLV Parsing Integer Overflow |
Metasploit Exploits
| id | Description |
|---|---|
| 2012-12-14 | RealPlayer RealMedia File Handling Buffer Overflow |
| 2011-08-16 | RealNetworks Realplayer QCP Parsing Heap Overflow |
| 2010-11-15 | RealNetworks RealPlayer CDDA URI Initialization Vulnerability |
