Realnetworks : Security Vulnerabilities, CVEs, CVSS score between 2 and 2.99
Buffer overflow in the RealNetworks RealPlayer client versions 6 and 7 allows remote attackers to cause a denial of service via a long Location URL.
Max CVSS
2.6
EPSS Score
0.51%
Published
2000-04-03
Updated
2008-09-05
Directory traversal vulnerability in RealPlayer 10.5 (6.0.12.1040) and earlier allows remote attackers to delete arbitrary files via a Real Metadata Packages (RMP) file with a FILENAME tag containing .. (dot dot) sequences in a filename that ends with a ? (question mark) and an allowed file extension (e.g. .mp3), which bypasses the check for the file extension.
Max CVSS
2.6
EPSS Score
0.36%
Published
2004-09-29
Updated
2017-11-16
Directory traversal vulnerability in the parsing of Skin file names in RealPlayer 10.5 (6.0.12.1040) and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in an RJS filename.
Max CVSS
2.6
EPSS Score
0.26%
Published
2004-10-06
Updated
2017-12-12
Directory traversal vulnerability in RealArcade 1.2.0.994 allows remote attackers to delete arbitrary files via an RGP file with a .. (dot dot) in the FILENAME tag.
Max CVSS
2.6
EPSS Score
0.72%
Published
2005-05-02
Updated
2017-07-11
RealNetworks Helix Server and Helix Mobile Server 14.x before 14.3.x store passwords in cleartext under adm_b_db\users\, which allows local users to obtain sensitive information by reading a database.
Max CVSS
2.1
EPSS Score
95.99%
Published
2012-04-17
Updated
2017-12-29
5 vulnerabilities found