This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Summuary
CPE Name cpe:/a:realnetworks:realplayer_sp:1.0.1
Detail
Vendor Realnetworks First view 2010-01-25
Product Realplayer Sp Last view 2013-08-26
Version 1.0.1 Type Application
Edition  
Language  
Update  
 
CPE Product cpe:/a:realnetworks:realplayer_sp

Activity : Overall

Related : CVE

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
 DateAlertAccess VectorAccess ComplexityAuthentication
9.3 2013-08-26 CVE-2013-4974 Network Medium None Requ...
9.3 2013-08-26 CVE-2013-4973 Network Medium None Requ...
9.3 2013-03-20 CVE-2013-1750 Network Medium None Requ...
9.3 2012-12-19 CVE-2012-5691 Network Medium None Requ...
9.3 2012-12-19 CVE-2012-5690 Network Medium None Requ...
Hide | Show 20 More...
 DateAlertAccess VectorAccess ComplexityAuthentication
7.5 2012-09-12 CVE-2012-3234 Network Low None Requ...
6.8 2012-09-12 CVE-2012-2410 Network Medium None Requ...
7.5 2012-09-12 CVE-2012-2409 Network Low None Requ...
6.8 2012-09-12 CVE-2012-2408 Network Medium None Requ...
7.5 2012-09-12 CVE-2012-2407 Network Low None Requ...
9.3 2012-05-18 CVE-2012-2411 Network Medium None Requ...
9.3 2012-05-18 CVE-2012-2406 Network Medium None Requ...
4.3 2012-03-28 CVE-2012-1904 Network Medium None Requ...
9.3 2012-02-08 CVE-2012-0928 Network Medium None Requ...
9.3 2012-02-08 CVE-2012-0927 Network Medium None Requ...
9.3 2012-02-08 CVE-2012-0926 Network Medium None Requ...
9.3 2012-02-08 CVE-2012-0925 Network Medium None Requ...
9.3 2012-02-08 CVE-2012-0924 Network Medium None Requ...
9.3 2012-02-08 CVE-2012-0923 Network Medium None Requ...
9.3 2012-02-08 CVE-2012-0922 Network Medium None Requ...
4.3 2011-10-04 CVE-2011-1221 Network Medium None Requ...
9.3 2011-08-18 CVE-2011-2955 Network Medium None Requ...
9.3 2011-08-18 CVE-2011-2954 Network Medium None Requ...
10 2011-08-18 CVE-2011-2953 Network Low None Requ...

CWE : Common Weakness Enumeration

%idName
64% (47)CWE-119Failure to Constrain Operations within the Bounds of a Memory Buffer
12% (9)CWE-94Failure to Control Generation of Code ('Code Injection')
8% (6)CWE-189Numeric Errors
5% (4)CWE-399Resource Management Errors
5% (4)CWE-20Improper Input Validation
Hide | Show 2 More...
%idName
2% (2)CWE-79Failure to Preserve Web Page Structure ('Cross-site Scripting')
1% (1)CWE-264Permissions, Privileges, and Access Controls

Oval Markup Language : Definitions

OvalIDName
oval:org.mitre.oval:def:10144Heap-based buffer overflow in the CGIFCodec::GetPacketBuffer function in data...
oval:org.mitre.oval:def:9998Heap-based buffer overflow in RealNetworks RealPlayer 10, RealPlayer 10.5 6.0...
oval:org.mitre.oval:def:10677Stack-based buffer overflow in protocol/rtsp/rtspclnt.cpp in RealNetworks Rea...
oval:org.mitre.oval:def:10641Buffer overflow in the RTSPProtocol::HandleSetParameterRequest function in cl...
oval:org.mitre.oval:def:11110Heap-based buffer overflow in datatype/smil/common/smlpkt.cpp in smlrender.dl...
Hide | Show 5 More...
idName
oval:org.mitre.oval:def:7326Integer overflow vulnerability in RealNetworks RealPlayer 11.0 through 11.1 a...
oval:org.mitre.oval:def:7169Vulnerability in RealPlayer 11.0 through 11.1 and RealPlayer SP 1.0 through 1...
oval:org.mitre.oval:def:6807Heap-based buffer overflow vulnerability in RealNetworks RealPlayer 11.0 thro...
oval:org.mitre.oval:def:6651Multiple integer overflows in the ParseKnownType function in RealNetworks Rea...
oval:org.mitre.oval:def:7507Unspecified vulnerability in an ActiveX control in the Internet Explorer (IE)...

Open Source Vulnerability Database (OSVDB)

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
idDescription
76074RealPlayer Local HTML File Cross-Zone Scripting Remote Code Execution (2011-1...
74555RealPlayer ActiveX Control Embedded Modal Dialog Unspecified Use-after-free I...
74554RealPlayer ActiveX Control Embedded AutoUpdate Unspecified Use-after-free Issue
74553RealPlayer ActiveX Control Unspecified Out-of-bounds Issue
74552RealPlayer AAC raw_data_frame Element Parsing Overflow
Hide | Show 20 More...
idDescription
74551RealPlayer pngu3267.dll Use-after-free Dialog Box Handling Memory Corruption
74549RealPlayer qcpfformat.dll QCP File Handling Overflow
74548RealPlayer ID3v2 Tag MP3 File Handling Overflow
74547RealPlayer DEFINEFONT Field SWF File Handling Memory Corruption
74546RealPlayer Local HTML File Cross-Zone Scripting Remote Code Execution (2011-2...
74545RealPlayer ActiveX Control Unspecified Remote Code Execution
74544RealPlayer SIPR Unspecified Overflow
73158RealPlayer OpenURLInDefaultBrowser Method Crafted RNX File Handling Remote Co...
70849RealPlayer Predictable Temporary Filename Code Execution
70682RealPlayer vidplin.dll AVI File Header Handling Overflow
69859RealPlayer Multiple Products Custsupport.html Component RealOneActiveXObject ...
69858RealPlayer Multiple Products Main.html Component RealOneActiveXObject Process...
69857RealPlayer Multiple Products Upsell.htm Component RealOneActiveXObject Proces...
69856RealPlayer Multiple Products pnen3260.dll Module AAC File TIT2 Atom Overflow
69855RealPlayer Multiple Products ActiveX HandleAction Method Local Zone Cross-zon...
69854RealPlayer Multiple Products AAC Frame Data Conditional Component Overflow
69853RealPlayer Multiple Products RealPix File HTTP Request Server Header Overflow
69852RealPlayer Multiple Products RealMedia File Crafted ImageMap Data Overflow
69851RealPlayer Multiple Products RMX File Unspecified Header Field Overflow
69850RealPlayer Multiple Products IVR File Crafted Header Multiple Overflows

ExploitDB Exploits

idDescription
14992MOAUB #13 - RealPlayer FLV Parsing Integer Overflow

Metasploit Exploits

idDescription
2012-12-14RealPlayer RealMedia File Handling Buffer Overflow
2011-08-16RealNetworks Realplayer QCP Parsing Heap Overflow
2010-11-15RealNetworks RealPlayer CDDA URI Initialization Vulnerability

OpenVAS Exploits

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
idDescription
2012-12-25Name : RealNetworks RealPlayer Code Execution Vulnerabilities - Dec12 (Win)
File : nvt/gb_realplayer_code_exec_vuln_dec12_win.nasl
2012-09-21Name : RealNetworks RealPlayer Multiple Vulnerabilities - Sep12 (Mac OS X)
File : nvt/gb_realplayer_mult_vuln_sep12_macosx.nasl
2012-09-21Name : RealNetworks RealPlayer Multiple Vulnerabilities - Sep12 (Win)
File : nvt/gb_realplayer_mult_vuln_sep12_win.nasl
2012-07-30Name : CentOS Update for HelixPlayer-uninstall CESA-2010:0981 centos4 x86_64
File : nvt/gb_CESA-2010_0981_HelixPlayer-uninstall_centos4_x86_64.nasl
2012-04-02Name : RealNetworks RealPlayer MP4 File Handling Denial of Service Vulnerability (Win)
File : nvt/gb_realplayer_mp4_file_dos_vuln_win.nasl
Hide | Show 20 More...
idDescription
2012-02-21Name : RealNetworks RealPlayer Atrac Sample Decoding Remote Code Execution Vulnerab...
File : nvt/gb_realplayer_atrac_sample_code_exec_vuln_macosx.nasl
2012-02-21Name : RealNetworks RealPlayer Atrac Sample Decoding Remote Code Execution Vulnerab...
File : nvt/gb_realplayer_atrac_sample_code_exec_vuln_win.nasl
2012-02-21Name : RealNetworks RealPlayer Multiple Vulnerabilities (Win) - Feb12
File : nvt/gb_realplayer_mult_vuln_win_feb12.nasl
2011-08-31Name : RealNetworks RealPlayer Multiple Vulnerabilities (Mac OS X)
File : nvt/secpod_realplayer_mult_vuln_macosx.nasl
2011-08-31Name : RealNetworks RealPlayer Multiple Vulnerabilities (Win) - Aug11
File : nvt/secpod_realplayer_mult_vuln_win_01_aug11.nasl
2011-08-31Name : RealNetworks RealPlayer Multiple Vulnerabilities (Win) - Aug11
File : nvt/secpod_realplayer_mult_vuln_win_02_aug11.nasl
2011-08-09Name : CentOS Update for HelixPlayer-uninstall CESA-2010:0981 centos4 i386
File : nvt/gb_CESA-2010_0981_HelixPlayer-uninstall_centos4_i386.nasl
2011-04-22Name : RealNetworks RealPlayer 'OpenURLInDefaultBrowser()' Code Execution Vulnerabil...
File : nvt/gb_realplayer_code_exec_vuln_win.nasl
2011-02-18Name : RealNetworks RealPlayer Buffer Overflow Vulnerability (Windows)
File : nvt/gb_realplayer_bof_vuln_win.nasl
2010-12-29Name : RealNetworks RealPlayer Multiple Vulnerabilities (Linux) - Dec 10
File : nvt/gb_realplayer_mult_vuln_lin_dec10.nasl
2010-12-29Name : RealNetworks RealPlayer Multiple Vulnerabilities (Win) - Dec10
File : nvt/gb_realplayer_mult_vuln_win_01_dec10.nasl
2010-12-29Name : RealNetworks RealPlayer Multiple Vulnerabilities (Win) - Dec10
File : nvt/gb_realplayer_mult_vuln_win_02_dec10.nasl
2010-12-29Name : RealNetworks RealPlayer Multiple Vulnerabilities (Win) - Dec10
File : nvt/gb_realplayer_mult_vuln_win_03_dec10.nasl
2010-12-29Name : RealNetworks RealPlayer Multiple Vulnerabilities (Win) - Dec10
File : nvt/gb_realplayer_mult_vuln_win_dec10.nasl
2010-09-08Name : RealNetworks RealPlayer Multiple Vulnerabilities (Win)
File : nvt/gb_realplayer_mult_vuln_win.nasl
2010-02-15Name : CentOS Update for HelixPlayer CESA-2010:0094 centos4 i386
File : nvt/gb_CESA-2010_0094_HelixPlayer_centos4_i386.nasl
2010-02-15Name : RedHat Update for HelixPlayer RHSA-2010:0094-02
File : nvt/gb_RHSA-2010_0094-02_HelixPlayer.nasl
2010-02-02Name : RealNetworks RealPlayer ASM RuleBook BOF Vulnerability (Linux)
File : nvt/secpod_realplayer_asm_ruleboook_bof_lin.nasl
2010-02-02Name : RealNetworks RealPlayer ASM RuleBook BOF Vulnerability (Win)
File : nvt/secpod_realplayer_asm_ruleboook_bof_win.nasl
2010-02-02Name : RealNetworks RealPlayer Multiple Code Execution Vulnerabilities (Linux)
File : nvt/secpod_realplayer_mult_code_exec_vuln_lin.nasl

Information Assurance Vulnerability Management (IAVM)

idDescription
2013-A-0166Multiple Security Vulnerabilities in RealNetworks RealPlayer
Severity : Category II - VMSKEY : V0040163
2010-A-0022Multiple HelixPlayer Vulnerabilities in Red Hat Enterprise Linux 4
Severity : Category II - VMSKEY : V0022670

Snort® IPS/IDS

DateDescription
2014-01-16RealNetworks RealPlayer RealMedia URL length buffer overflow attempt
RuleID : 28962 - Type : FILE-MULTIMEDIA - Revision : 2
2014-01-16RealNetworks RealPlayer RealMedia URL length buffer overflow attempt
RuleID : 28961 - Type : FILE-MULTIMEDIA - Revision : 2
2014-01-10RealNetworks RealPlayer QCP parsing buffer overflow attempt
RuleID : 20288 - Type : FILE-MULTIMEDIA - Revision : 8
2014-01-10RealNetworks RealPlayer vidplin.dll avi header parsing execution attempt
RuleID : 19169 - Type : FILE-MULTIMEDIA - Revision : 7
2014-01-10RealNetworks RealPlayer FLV parsing two integer overflow vulnerabilities
RuleID : 19002 - Type : FILE-FLASH - Revision : 7
Hide | Show 6 More...
DateDescription
2014-01-10RealNetworks RealPlayer RMOC3260.DLL cdda URI overflow attempt
RuleID : 18578 - Type : BROWSER-PLUGINS - Revision : 6
2014-01-10RealNetworks RealPlayer RMOC3260.DLL ActiveX function call access
RuleID : 12767 - Type : BROWSER-PLUGINS - Revision : 12
2014-01-10RealNetworks RealPlayer RMOC3260.DLL ActiveX clsid access
RuleID : 12766 - Type : BROWSER-PLUGINS - Revision : 13
2014-01-10RealNetworks RealPlayer Ierpplug.dll ActiveX function call access
RuleID : 10194 - Type : BROWSER-PLUGINS - Revision : 17
2014-01-10RealNetworks RealPlayer Ierpplug.dll ActiveX function call access
RuleID : 10193 - Type : BROWSER-PLUGINS - Revision : 16
2014-01-10RealNetworks RealPlayer Ierpplug.dll ActiveX clsid access
RuleID : 10192 - Type : BROWSER-PLUGINS - Revision : 20

Nessus® Vulnerability Scanner

idDescription
2013-08-28Name : A multimedia application on the remote Windows host is affected by multiple v...
File : realplayer_16_0_3_51.nasl - Type : ACT_GATHER_INFO
2013-07-12Name : The remote Oracle Linux host is missing a security update.
File : oraclelinux_ELSA-2010-0094.nasl - Type : ACT_GATHER_INFO
2013-07-12Name : The remote Oracle Linux host has a deprecated application.
File : oraclelinux_ELSA-2010-0981.nasl - Type : ACT_GATHER_INFO
2013-03-20Name : A multimedia application on the remote Windows host is affected by a buffer o...
File : realplayer_16_0_1_18.nasl - Type : ACT_GATHER_INFO
2012-12-18Name : A multimedia application on the remote Windows host is affected by multiple v...
File : realplayer_16_0_0_282.nasl - Type : ACT_GATHER_INFO
Hide | Show 16 More...
idDescription
2012-09-12Name : A multimedia application on the remote Windows host is affected by multiple v...
File : realplayer_15_0_6_14.nasl - Type : ACT_GATHER_INFO
2012-08-01Name : The remote Scientific Linux host is missing a security update.
File : sl_20100209_HelixPlayer_on_SL4_x.nasl - Type : ACT_GATHER_INFO
2012-08-01Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20101214_HelixPlayer_on_SL4_x.nasl - Type : ACT_GATHER_INFO
2012-05-17Name : A multimedia application on the remote Windows host is affected by multiple v...
File : realplayer_15_0_4_53.nasl - Type : ACT_GATHER_INFO
2012-02-08Name : A multimedia application on the remote Windows host is affected by multiple v...
File : realplayer_15_0_2_71.nasl - Type : ACT_GATHER_INFO
2011-08-19Name : A multimedia application on the remote Windows host is affected by multiple v...
File : realplayer_12_0_1_666.nasl - Type : ACT_GATHER_INFO
2011-04-14Name : A multimedia application on the remote Windows host is affected by multiple v...
File : realplayer_12_0_1_647.nasl - Type : ACT_GATHER_INFO
2011-01-28Name : A multimedia application on the remote Windows host can be abused to execute ...
File : realplayer_12_0_1_633.nasl - Type : ACT_GATHER_INFO
2011-01-28Name : The remote CentOS host is missing a security update.
File : centos_RHSA-2010-0981.nasl - Type : ACT_GATHER_INFO
2010-12-15Name : The remote Red Hat host is missing a security update.
File : redhat-RHSA-2010-0981.nasl - Type : ACT_GATHER_INFO
2010-11-16Name : An application on the remote Windows host is affected by multiple vulnerabili...
File : realplayer_12_0_1_609.nasl - Type : ACT_GATHER_INFO
2010-10-19Name : The remote Windows application is affected by multiple vulnerabilities.
File : realplayer_enterprise_6_0_12_1823.nasl - Type : ACT_GATHER_INFO
2010-08-27Name : The remote Windows application is affected by multiple vulnerabilities.
File : realplayer_12_0_0_879.nasl - Type : ACT_GATHER_INFO
2010-02-10Name : The remote CentOS host is missing a security update.
File : centos_RHSA-2010-0094.nasl - Type : ACT_GATHER_INFO
2010-02-10Name : The remote Red Hat host is missing a security update.
File : redhat-RHSA-2010-0094.nasl - Type : ACT_GATHER_INFO
2010-01-22Name : The remote Windows application is affected by multiple buffer overflow vulner...
File : realplayer_12_0_0_319.nasl - Type : ACT_GATHER_INFO