This CPE summary could be partial or incomplete. Please contact us for a detailed listing.
Summary
| Summuary | |
|---|---|
| CPE Name | cpe:/a:realnetworks:realplayer_sp:1.1.2 |
| Detail | |||
|---|---|---|---|
| Vendor | Realnetworks | First view | 2010-08-30 |
| Product | Realplayer Sp | Last view | 2013-03-20 |
| Version | 1.1.2 | Type | Application |
| Edition | |||
| Language | |||
| Update | |||
| CPE Product | cpe:/a:realnetworks:realplayer_sp | ||
Activity : Yearly
Related : CVE
This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
| Date | Alert | Access Vector | Access Complexity | Authentification | ||
|---|---|---|---|---|---|---|
| 9.3 | 2013-03-20 | CVE-2013-1750 | Network | Medium | None Requ... | |
| 9.3 | 2012-12-19 | CVE-2012-5691 | Network | Medium | None Requ... | |
| 9.3 | 2012-12-19 | CVE-2012-5690 | Network | Medium | None Requ... | |
| 7.5 | 2012-09-12 | CVE-2012-3234 | Network | Low | None Requ... | |
| 6.8 | 2012-09-12 | CVE-2012-2410 | Network | Medium | None Requ... | |
| Date | Alert | Access Vector | Access Complexity | Authentification | ||
|---|---|---|---|---|---|---|
| 7.5 | 2012-09-12 | CVE-2012-2409 | Network | Low | None Requ... | |
| 6.8 | 2012-09-12 | CVE-2012-2408 | Network | Medium | None Requ... | |
| 7.5 | 2012-09-12 | CVE-2012-2407 | Network | Low | None Requ... | |
| 9.3 | 2012-05-18 | CVE-2012-2411 | Network | Medium | None Requ... | |
| 9.3 | 2012-05-18 | CVE-2012-2406 | Network | Medium | None Requ... | |
| 4.3 | 2012-03-28 | CVE-2012-1904 | Network | Medium | None Requ... | |
| 9.3 | 2012-02-08 | CVE-2012-0928 | Network | Medium | None Requ... | |
| 9.3 | 2012-02-08 | CVE-2012-0927 | Network | Medium | None Requ... | |
| 9.3 | 2012-02-08 | CVE-2012-0926 | Network | Medium | None Requ... | |
| 9.3 | 2012-02-08 | CVE-2012-0925 | Network | Medium | None Requ... | |
| 9.3 | 2012-02-08 | CVE-2012-0924 | Network | Medium | None Requ... | |
| 9.3 | 2012-02-08 | CVE-2012-0923 | Network | Medium | None Requ... | |
| 9.3 | 2012-02-08 | CVE-2012-0922 | Network | Medium | None Requ... | |
| 4.3 | 2011-10-04 | CVE-2011-1221 | Network | Medium | None Requ... | |
| 9.3 | 2011-08-18 | CVE-2011-2955 | Network | Medium | None Requ... | |
| 9.3 | 2011-08-18 | CVE-2011-2954 | Network | Medium | None Requ... | |
| 10 | 2011-08-18 | CVE-2011-2953 | Network | Low | None Requ... | |
| 9.3 | 2011-08-18 | CVE-2011-2952 | Network | Medium | None Requ... | |
| 9.3 | 2011-08-18 | CVE-2011-2951 | Network | Medium | None Requ... |
CWE : Common Weakness Enumeration
| % | id | Name |
|---|---|---|
| 61% (35) | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
| 15% (9) | CWE-94 | Failure to Control Generation of Code ('Code Injection') |
| 7% (4) | CWE-189 | Numeric Errors |
| 5% (3) | CWE-399 | Resource Management Errors |
| 5% (3) | CWE-20 | Improper Input Validation |
| % | id | Name |
|---|---|---|
| 3% (2) | CWE-79 | Failure to Preserve Web Page Structure ('Cross-site Scripting') |
| 1% (1) | CWE-264 | Permissions, Privileges, and Access Controls |
Oval Markup Language : Definitions
| OvalID | Name |
|---|---|
| oval:org.mitre.oval:def:7326 | Integer overflow vulnerability in RealNetworks RealPlayer 11.0 through 11.1 a... |
| oval:org.mitre.oval:def:7169 | Vulnerability in RealPlayer 11.0 through 11.1 and RealPlayer SP 1.0 through 1... |
| oval:org.mitre.oval:def:6807 | Heap-based buffer overflow vulnerability in RealNetworks RealPlayer 11.0 thro... |
| oval:org.mitre.oval:def:6651 | Multiple integer overflows in the ParseKnownType function in RealNetworks Rea... |
| oval:org.mitre.oval:def:7507 | Unspecified vulnerability in an ActiveX control in the Internet Explorer (IE)... |
Open Source Vulnerability Database (OSVDB)
This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
| id | Description |
|---|---|
| 76074 | RealPlayer Local HTML File Cross-Zone Scripting Remote Code Execution (2011-1... |
| 74555 | RealPlayer ActiveX Control Embedded Modal Dialog Unspecified Use-after-free I... |
| 74554 | RealPlayer ActiveX Control Embedded AutoUpdate Unspecified Use-after-free Issue |
| 74553 | RealPlayer ActiveX Control Unspecified Out-of-bounds Issue |
| 74552 | RealPlayer AAC raw_data_frame Element Parsing Overflow |
| id | Description |
|---|---|
| 74551 | RealPlayer pngu3267.dll Use-after-free Dialog Box Handling Memory Corruption |
| 74549 | RealPlayer qcpfformat.dll QCP File Handling Overflow |
| 74548 | RealPlayer ID3v2 Tag MP3 File Handling Overflow |
| 74547 | RealPlayer DEFINEFONT Field SWF File Handling Memory Corruption |
| 74546 | RealPlayer Local HTML File Cross-Zone Scripting Remote Code Execution (2011-2... |
| 74545 | RealPlayer ActiveX Control Unspecified Remote Code Execution |
| 74544 | RealPlayer SIPR Unspecified Overflow |
| 73158 | RealPlayer OpenURLInDefaultBrowser Method Crafted RNX File Handling Remote Co... |
| 70849 | RealPlayer Predictable Temporary Filename Code Execution |
| 70682 | RealPlayer vidplin.dll AVI File Header Handling Overflow |
| 69859 | RealPlayer Multiple Products Custsupport.html Component RealOneActiveXObject ... |
| 69858 | RealPlayer Multiple Products Main.html Component RealOneActiveXObject Process... |
| 69857 | RealPlayer Multiple Products Upsell.htm Component RealOneActiveXObject Proces... |
| 69855 | RealPlayer Multiple Products ActiveX HandleAction Method Local Zone Cross-zon... |
| 69854 | RealPlayer Multiple Products AAC Frame Data Conditional Component Overflow |
| 69853 | RealPlayer Multiple Products RealPix File HTTP Request Server Header Overflow |
| 69852 | RealPlayer Multiple Products RealMedia File Crafted ImageMap Data Overflow |
| 69851 | RealPlayer Multiple Products RMX File Unspecified Header Field Overflow |
| 69850 | RealPlayer Multiple Products IVR File Crafted Header Multiple Overflows |
| 69849 | RealPlayer Multiple Products Cook Codec Initialization Overflow |
ExploitDB Exploits
| id | Description |
|---|---|
| 14992 | MOAUB #13 - RealPlayer FLV Parsing Integer Overflow |
Metasploit Exploits
| id | Description |
|---|---|
| 2012-12-14 | RealPlayer RealMedia File Handling Buffer Overflow |
| 2011-08-16 | RealNetworks Realplayer QCP Parsing Heap Overflow |
| 2010-11-15 | RealNetworks RealPlayer CDDA URI Initialization Vulnerability |
