Vulnerabilities > Realnetworks > Realone Player > 2.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2004-12-31 | CVE-2004-1481 | Unspecified vulnerability in Realnetworks Helix Player, Realone Player and Realplayer Integer overflow in pnen3260.dll in RealPlayer 8 through 10.5 (6.0.12.1040) and earlier, and RealOne Player 1 or 2 on Windows or Mac OS, allows remote attackers to execute arbitrary code via a SMIL file and a .rm movie file with a large length field for the data chunk, which leads to a heap-based buffer overflow. | 5.1 |
| 2004-11-23 | CVE-2004-0273 | Path Traversal vulnerability in Realnetworks products Directory traversal vulnerability in RealOne Player, RealOne Player 2.0, and RealOne Enterprise Desktop allows remote attackers to upload arbitrary files via an RMP file that contains .. | 9.3 |
| 2004-11-23 | CVE-2004-0258 | Buffer Overrun vulnerability in Multiple RealPlayer/RealOne Player Supported File Type Multiple buffer overflows in RealOne Player, RealOne Player 2.0, RealOne Enterprise Desktop, and RealPlayer Enterprise allow remote attackers to execute arbitrary code via malformed (1) .RP, (2) .RT, (3) .RAM, (4) .RPM or (5) .SMIL files. | 7.6 |
| 2004-10-06 | CVE-2005-0192 | Directory Traversal vulnerability in RealPlayer Directory traversal vulnerability in the parsing of Skin file names in RealPlayer 10.5 (6.0.12.1040) and earlier allows remote attackers to read arbitrary files via a .. | 2.6 |
| 2004-10-06 | CVE-2005-0189 | Buffer Overflow vulnerability in RealNetworks RealOne Player And RealPlayer ShowPreferences Action Stack-based buffer overflow in the HandleAction function in RealPlayer 10.5 (6.0.12.1040) and earlier allows remote attackers to execute arbitrary code via a long ShowPreferences argument. | 7.5 |
| 2004-09-29 | CVE-2005-0190 | Remote Arbitrary File Deletion vulnerability in RealNetworks RealOne Player And RealPlayer Directory traversal vulnerability in RealPlayer 10.5 (6.0.12.1040) and earlier allows remote attackers to delete arbitrary files via a Real Metadata Packages (RMP) file with a FILENAME tag containing .. | 2.6 |
| 2003-12-31 | CVE-2003-1509 | Unspecified vulnerability in Realnetworks Realone Enterprise Desktop and Realone Player Real Networks RealOne Enterprise Desktop 6.0.11.774, RealOne Player 2.0, and RealOne Player 6.0.11.818 through RealOne Player 6.0.11.853 allows remote attackers to execute arbitrary script in the local security zone by embedding script in a temp file before the temp file is executed by the default web browser. | 10.0 |
| 2003-04-02 | CVE-2003-0141 | Unspecified vulnerability in Realnetworks products The PNG deflate algorithm in RealOne Player 6.0.11.x and earlier, RealPlayer 8/RealPlayer Plus 8 6.0.9.584, and other versions allows remote attackers to corrupt the heap and overwrite arbitrary memory via a PNG graphic file format containing compressed data using fixed trees that contain the length values 286-287, which are treated as a very large length. | 5.1 |
| 2002-12-11 | CVE-2002-1321 | Unspecified vulnerability in Realnetworks Realone Player and Realplayer Multiple buffer overflows in RealOne and RealPlayer allow remote attackers to execute arbitrary code via (1) a Synchronized Multimedia Integration Language (SMIL) file with a long parameter, (2) a long long filename in a rtsp:// request, e.g. | 7.5 |