exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 34 RSS Feed

Files

Real Player 10 Gold Exception Handling
Posted Jun 28, 2012
Authored by Dark-Puzzle

This is a local exploit for Real Player 10 Gold that uses a division by zero to trigger an exception handler.

tags | exploit, denial of service, local
SHA-256 | bef48a2af7c152b4698cbb3e2c9b4d15795525b8bf8b700a9f8abe631953ac07

Related Files

RealPlayer 18.1.7.344 Memory Corruption
Posted May 29, 2017
Authored by Cody Sixteen

RealPlayer version 18.1.7.344 suffers from memory corruption vulnerabilities.

tags | exploit, vulnerability
SHA-256 | 34735884e57bf041f2ef2d6a51aff4eac035924e94a271abafaa53b0e7f52ed3
Microsoft Windows Forced Firewall Bypass
Posted Jun 2, 2016
Authored by coolervoid

This is a local proof of concept that simulates a keystroke to allow access when a firewall dialog comes up.

tags | exploit, local, proof of concept
SHA-256 | c1ee2b17cf0a5c1f567e375498763b8bbf6dcc1875ca919554fc51a2f74489ee
Realplayer 16.0.3.51 Memory Corruption
Posted May 16, 2014
Authored by Aryan Bayaninejad

Realplayer version 16.0.3.51 suffers from a memory corruption vulnerability.

tags | exploit
advisories | CVE-2014-3444
SHA-256 | a9944f8e45b971aa74ecfa88cb2d179a7f8d82107f30508555e15e2409a0160c
RealNetworks RealPlayer Version Attribute Buffer Overflow
Posted Dec 26, 2013
Authored by Gabor Seljan | Site metasploit.com

This Metasploit module exploits a stack-based buffer overflow vulnerability in version 16.0.3.51 and 16.0.2.32 of RealNetworks RealPlayer, caused by improper bounds checking of the version and encoding attributes inside the XML declaration. By persuading the victim to open a specially-crafted .RMP file, a remote attacker could execute arbitrary code on the system or cause the application to crash.

tags | exploit, remote, overflow, arbitrary
advisories | CVE-2013-6877
SHA-256 | 8a8a413478986610cfe01a2463f28c4cb1a4e732df507042bac07cef2741232e
RealNetworks RealPlayer 16 Buffer Overflow
Posted Dec 25, 2013
Authored by Gabor Seljan

RealNetworks RealPlayer versions 16.0.3.51 and 16.0.2.32 buffer overflow exploit that spawns calc.exe.

tags | exploit, overflow
advisories | CVE-2013-6877
SHA-256 | 58542a3b53839183c22c124f4c3d3ee9a380986526edc0d4edc243944855703e
Windows NT/2K/XP/2K3/VISTA/2K8/7/8 EPATHOBJ Local ring0
Posted Jun 3, 2013
Authored by Tavis Ormandy, progmboy

There is a pretty obvious bug in win32k!EPATHOBJ::pprFlattenRec where the PATHREC object returned by win32k!EPATHOBJ::newpathrec does not initialize the next list pointer. This is a local ring0 exploit for Microsoft Windows NT/2K/XP/2K3/VISTA/2K8/7/8.

tags | exploit, local
systems | windows
SHA-256 | 8cf6980d8150418310b84eb82f5ea9cd1af781bba12ccb9ac233cd2f50bba066
RealPlayer 15.0.6.14 Memory Corruption
Posted Nov 1, 2012
Authored by coolkaveh

RealPlayer version 15.0.6.14 suffers from a memory corruption vulnerability when handling 3g2 files.

tags | exploit
systems | linux
SHA-256 | 24f4c38664bb3f9de5ef8bb302bfb7bae67240266f6201421c9e6a5e35839566
Realplayer Watchfolders Long Filepath Overflow
Posted Oct 26, 2012
Authored by Joseph Sheridan | Site reactionpenetrationtesting.co.uk

Realplayer version 15.0.5.109 is vulnerable to a stack buffer overflow vulnerability in the 'Watch Folders' facility.

tags | advisory, overflow
advisories | CVE-2012-4987
SHA-256 | 4574d497f5b7de99ddcba37f9338d21972b688102da3b115f156e7604e82c00b
RealPlayer 15.0.6.14 Memory Corruption
Posted Oct 22, 2012
Authored by coolkaveh

RealPlayer version 15.0.6.14 3GP file handling memory corruption proof of concept exploit.

tags | exploit, proof of concept
SHA-256 | 20d8ca1eebb1dc078b6215b82e2e0b1922516a1f9b5f6af2f446a39a721e0bcd
RealPlayer 1.1.4 Memory Corruption
Posted Mar 24, 2012
Authored by Senator of Pirates

RealPlayer SP1 versions 1.1.4 Build 12.0.0.756 and below suffer from a memory corruption vulnerability.

tags | exploit
SHA-256 | ddd9e040f4b7eafed5ff80ef2b389fd0a0d7384cbf7bae93936c186a876e915b
RealNetworks Realplayer QCP Parsing Heap Overflow
Posted Sep 17, 2011
Authored by Sean de Regge, juan vazquez | Site metasploit.com

This Metasploit module exploits a heap overflow in Realplayer when handling a .QCP file. The specific flaw exists within qcpfformat.dll. A static 256 byte buffer is allocated on the heap and user-supplied data from the file is copied within a memory copy loop. This allows a remote attacker to execute arbitrary code running in the context of the web browser via a .QCP file with a specially crafted "fmt" chunk. At this moment this module exploits the flaw on Windows XP IE6, IE7.

tags | exploit, remote, web, overflow, arbitrary
systems | windows
advisories | CVE-2011-2950, OSVDB-74549
SHA-256 | cce2bc3fede3c402a04087782f79fa183476cf2dbb4148275dc851a1d3272199
RealPlayer 11 Browser Active-X Code Execution
Posted Apr 25, 2011
Authored by KedAns-Dz

RealPlayer 11 Browser suffers from an active-x related arbitrary code execution vulnerability.

tags | exploit, arbitrary, code execution, activex
SHA-256 | 3041d88706bdccc492fbfd8545e6fddf5b77cebe36dd9af230eddebce1330ee3
RealPlayer 14.0.1.633 Heap Overflow
Posted Mar 21, 2011
Authored by Luigi Auriemma | Site aluigi.org

RealPlayer versions 14.0.1.633 and below suffers from a heap overflow during the handling of IVR files. This is caused by the allocation of a certain amount of data (frame size) decided by the attacker and the copying of another arbitrary amount on the same buffer. Proof of concept exploit included.

tags | exploit, overflow, arbitrary, proof of concept
systems | linux
SHA-256 | 6e595a81866c87dd6d9792d4d8aed66218fd680ae847cde3941f629d9ad64923
RealNetworks RealPlayer CDDA URI Initialization Vulnerability
Posted Mar 18, 2011
Authored by bannedit, sinn3r | Site metasploit.com

This Metasploit module exploits a initialization flaw within RealPlayer 11/11.1 and RealPlayer SP 1.0 - 1.1.4. An abnormally long CDDA URI causes an object initialization failure. However, this failure is improperly handled and uninitialized memory executed.

tags | exploit
advisories | CVE-2010-3747, OSVDB-68673
SHA-256 | 62839465e28e0ea9cf0ef9d9a77ebcf656fe7aa1aca009b4ad424e57e87ca3f2
RealPlayer 11.0 Buffer Overflow
Posted Mar 15, 2011
Authored by KedAns-Dz

RealPlayer version 11.0 local crash exploit that creates a malicious .avi file.

tags | exploit, overflow, local
SHA-256 | 5fcde7902ae0fea8b5af642406c4a824b35e8289ad7a375e4aad8a3f184a024b
RealPlayer ierpplug.dll ActiveX Control Playlist Name Buffer Overflow
Posted Nov 26, 2009
Authored by MC | Site metasploit.com

This Metasploit module exploits a stack overflow in RealOne Player V2 Gold Build 6.0.11.853 and RealPlayer 10.5 Build 6.0.12.1483. By sending an overly long string to the "Import()" method, an attacker may be able to execute arbitrary code.

tags | exploit, overflow, arbitrary
advisories | CVE-2007-5601
SHA-256 | e11fb220c23ac6a26276da81f1529687c5e7e560cad1ec6c1c5c3833079dd9b9
RealNetworks RealPlayer SMIL Buffer Overflow
Posted Nov 26, 2009
Authored by MC | Site metasploit.com

This Metasploit module exploits a stack overflow in RealNetworks RealPlayer 10 and 8. By creating a URL link to a malicious SMIL file, a remote attacker could overflow a buffer and execute arbitrary code. When using this module, be sure to set the URIPATH with an extension of '.smil'. This Metasploit module has been tested with RealPlayer 10 build 6.0.12.883 and RealPlayer 8 build 6.0.9.584.

tags | exploit, remote, overflow, arbitrary
advisories | CVE-2005-0455
SHA-256 | 7622e58e805d1bd82f5121d369c155d848e821fd78515d2564d1ef9413b10947
Linux 2.6.29 ptrace_attach() Race Condition
Posted May 15, 2009
Authored by prdelka | Site prdelka.blackart.org.uk

This is a local root exploit for the Linux 2.6.29 ptrace_attach() race condition that allows a process to gain elevated privileges under certain conditions.

tags | exploit, local, root
systems | linux
SHA-256 | db9565192db3ee04f85227cfe9fa0b007cf4b055bb2747ed491261b3a6efd308
realplayer-exec.txt
Posted Jul 26, 2008
Authored by Elazar Broad

RealPlayer suffers from a vulnerability where the WindowName and Controls properties of rmoc3260.dll do not manage heap memory properly resulting in a use after free condition which can overwrite heap management structures resulting in code execution. RealPlayer 11, 10.5, 10, and Enterprise are all affected.

tags | advisory, code execution
SHA-256 | f4a867bf834fd12002bf185f61e63741d9d542b0daa5b3009f9be2f18b59f04c
realplayer_console.rb.txt
Posted Apr 2, 2008
Authored by Elazar Broad

This Metasploit module exploits a heap corruption vulnerability in the RealPlayer ActiveX control. By sending a specially crafted string to the 'Console' property in the rmoc3260.dll control, an attacker may be able to execute arbitrary code.

tags | exploit, arbitrary, activex
advisories | CVE-2008-1309
SHA-256 | fe18e54c7136e0f4ddd02005a5baa3b152573f829ae72ec39f0b69c9755ba6b6
realplayer-activexexec.txt
Posted Apr 2, 2008
Authored by Elazar Broad

Exploit for the heap corruption vulnerability in the RealPlayer ActiveX control. By sending a specially crafted string to the 'Console' property in the rmoc3260.dll control, an attacker may be able to execute arbitrary code.

tags | exploit, arbitrary, activex
advisories | CVE-2008-1309
SHA-256 | 9c9470fc73ec08b731d851e037405e4cdd3056a7576b171fc5620b4f9224c9bb
realplayer-activex.txt
Posted Mar 13, 2008
Authored by Elazar Broad

The Real Networks RealPlayer ActiveX controller appears to suffer from a heap corruption vulnerability.

tags | advisory, activex
SHA-256 | 9919e8e59146b8fa84af60f145dcf038f509555dc92a70d72cf6abc85bb3d5b5
realplayer-heap.txt
Posted Oct 29, 2007
Authored by John Heasman | Site ngssoftware.com

All versions of RealPlayer 10 and some builds of RealPlayer 10.5 suffer from a heap overflow in the ID3 tag parsing code.

tags | advisory, overflow
SHA-256 | 46421bbdec94678eace2f1448aa87b7317888d18e61f1d242f583bc1db79e149
realplayer-heap-corruption-adv.txt
Posted Oct 26, 2007
Authored by Piotr Bania | Site piotrbania.com

RealNetworks RealPlayer/RealOne Player/Helix Player all suffer from a heap corruption vulnerability in the handling of specially crafted .mov files. Successful exploitation may lead to code execution.

tags | advisory, code execution
SHA-256 | d0b3de4e4ec1830bd5ba47b604c4bffbdf1436a14cbbabd5bde23e273d74a08c
realplayer-memory-corruption-adv.txt
Posted Oct 26, 2007
Authored by Piotr Bania | Site piotrbania.com

RealNetworks RealPlayer/RealOne Player/Helix Player all suffer from a memory corruption vulnerability in the handling of specially crafted .mov files. Successful exploitation may lead to code execution.

tags | advisory, code execution
SHA-256 | 4bfd216b1b49b47a039fd1ba81f14f6a6960a86d3d640af7a0c59b9a7cbffd35
Page 1 of 2
Back12Next

File Archive:

December 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    2 Files
  • 2
    Dec 2nd
    12 Files
  • 3
    Dec 3rd
    0 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    0 Files
  • 6
    Dec 6th
    0 Files
  • 7
    Dec 7th
    0 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close