CVE-2005-0455

RealNetworks RealPlayer <6.0.12.1056 - Buffer Overflow

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 3 public exploits for CVE-2005-0455. PoCs published by Metasploit, nolimit, including Metasploit module exploits/windows/browser/realplayer_smil.

AI-analyzed exploit summary This Metasploit module exploits a stack buffer overflow in RealNetworks RealPlayer 10 and 8 via a malicious SMIL file. It triggers arbitrary code execution by overflowing a buffer in the 'system-screen-size' attribute of a SMIL file.

Description

Stack-based buffer overflow in the CSmil1Parser::testAttributeFailed function in smlparse.cpp for RealNetworks RealPlayer 10.5 (6.0.12.1056 and earlier), 10, 8, and RealOne Player V2 and V1 allows remote attackers to execute arbitrary code via a .SMIL file with a large system-screen-size value.

Exploits (3)

exploitdb WORKING POC VERIFIED
by Metasploit · rubyremotewindows
https://www.exploit-db.com/exploits/16586

This Metasploit module exploits a stack buffer overflow in RealNetworks RealPlayer 10 and 8 via a malicious SMIL file. It triggers arbitrary code execution by overflowing a buffer in the 'system-screen-size' attribute of a SMIL file.

Classification
Working Poc 100%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: RealNetworks RealPlayer 10 (build 6.0.12.883) and RealPlayer 8 (build 6.0.9.584)
No auth needed
Prerequisites: Victim must open a malicious SMIL file via RealPlayer
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WORKING POC VERIFIED
by nolimit · c++localwindows
https://www.exploit-db.com/exploits/863

This exploit targets a buffer overflow vulnerability in RealPlayer 10 via a maliciously crafted .smil file. It uses SEH overwrite techniques to achieve remote code execution, binding a shell on port 13579.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: RealPlayer 10
No auth needed
Prerequisites: Victim must open the maliciously crafted .smil file with RealPlayer 10
devstral-2 · analyzed Feb 16, 2026 Full analysis →
metasploit WORKING POC NORMAL
rubypocwin
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/browser/realplayer_smil.rb

This Metasploit module exploits a stack buffer overflow in RealNetworks RealPlayer 10 and 8 via a malicious SMIL file. It leverages a crafted HTML response to trigger arbitrary code execution on vulnerable Windows systems.

Classification
Working Poc 100%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: RealNetworks RealPlayer 10 (build 6.0.12.883) and RealPlayer 8 (build 6.0.9.584)
No auth needed
Prerequisites: Victim must open a malicious SMIL file via RealPlayer · Network access to the target
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (5)

Core 5
Core References
Patch, Vendor Advisory third-party-advisory x_refsource_idefense
http://www.idefense.com/application/poi/display?id=209&type=vulnerabilities
Patch, Vendor Advisory x_refsource_confirm
http://service.real.com/help/faq/security/050224_player
Vendor Advisory vendor-advisory x_refsource_redhat
http://www.redhat.com/support/errata/RHSA-2005-271.html
Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10926
Patch, Vendor Advisory vendor-advisory x_refsource_redhat
http://www.redhat.com/support/errata/RHSA-2005-265.html

Scores

EPSS 0.7542
EPSS Percentile 98.9%

Details

Status published
Published May 02, 2005
Tracked Since Feb 18, 2026