Vulnerabilities > Realnetworks > Critical

DATE CVE VULNERABILITY TITLE RISK
2011-11-24 CVE-2011-4261 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Realnetworks Realplayer
RealNetworks RealPlayer before 15.0.0 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via crafted video dimensions in an MP4 file.
network
realnetworks CWE-119
critical
 9.3
9.3
2011-11-24 CVE-2011-4260 Code Injection vulnerability in Realnetworks Realplayer
RealNetworks RealPlayer before 15.0.0 allows remote attackers to execute arbitrary code via a malformed header in an MP4 file.
network
realnetworks CWE-94
critical
 9.3
9.3
2011-11-24 CVE-2011-4259 Numeric Errors vulnerability in Realnetworks Realplayer
Integer underflow in RealNetworks RealPlayer before 15.0.0 allows remote attackers to execute arbitrary code via a crafted width value in an MPG file.
network
realnetworks CWE-189
critical
 9.3
9.3
2011-11-24 CVE-2011-4258 Code Injection vulnerability in Realnetworks Realplayer
RealNetworks RealPlayer before 15.0.0 allows remote attackers to execute arbitrary code via a crafted length of an MLTI chunk in an IVR file.
network
realnetworks CWE-94
critical
 9.3
9.3
2011-11-24 CVE-2011-4257 Code Injection vulnerability in Realnetworks Realplayer
The Cook codec in RealNetworks RealPlayer before 15.0.0 allows remote attackers to execute arbitrary code via crafted channel data.
network
realnetworks CWE-94
critical
 9.3
9.3
2011-11-24 CVE-2011-4256 Code Injection vulnerability in Realnetworks Realplayer
The RV30 codec in RealNetworks RealPlayer before 15.0.0 and Mac RealPlayer before 12.0.0.1703 does not initialize an unspecified index value, which allows remote attackers to execute arbitrary code via unknown vectors.
network
low complexity
realnetworks CWE-94
critical
 10.0
10
2011-11-24 CVE-2011-4255 Unspecified vulnerability in Realnetworks Realplayer
Unspecified vulnerability in RealNetworks RealPlayer before 15.0.0 and Mac RealPlayer before 12.0.0.1703 allows remote attackers to execute arbitrary code via an invalid codec name.
network
low complexity
realnetworks
critical
 10.0
10
2011-11-24 CVE-2011-4254 Code Injection vulnerability in Realnetworks Realplayer
RealNetworks RealPlayer before 15.0.0 allows remote attackers to execute arbitrary code via a crafted RTSP SETUP request.
network
low complexity
realnetworks CWE-94
critical
 10.0
10
2011-11-24 CVE-2011-4253 Unspecified vulnerability in Realnetworks Realplayer
Unspecified vulnerability in the RV20 codec in RealNetworks RealPlayer before 15.0.0 and Mac RealPlayer before 12.0.0.1703 allows remote attackers to execute arbitrary code via unknown vectors.
network
low complexity
realnetworks
critical
 10.0
10
2011-11-24 CVE-2011-4252 Code Injection vulnerability in Realnetworks Realplayer
The RV10 codec in RealNetworks RealPlayer before 15.0.0 and Mac RealPlayer before 12.0.0.1703 allows remote attackers to execute arbitrary code via a crafted sample height.
network
realnetworks CWE-94
critical
 9.3
9.3