CVE-2005-2710

Real HelixPlayer & RealPlayer 10 - RCE


Exploitation Summary

EIP tracks 1 public exploit for CVE-2005-2710. PoCs published by c0ntex.

AI-analyzed exploit summary: This exploit leverages a format string vulnerability in RealPlayer and Helix Player to achieve remote code execution by manipulating the EBP register and redirecting execution flow to shellcode embedded in a malicious .rp file.

Description

Format string vulnerability in Real HelixPlayer and RealPlayer 10 allows remote attackers to execute arbitrary code via the (1) image handle or (2) timeformat attribute in a RealPix (.rp) or RealText (.rt) file.

Exploits (1)

exploitdb · WORKING POC · VERIFIED
by c0ntex · c · remote · linux
https://www.exploit-db.com/exploits/1232

Classification: Working PoC (95%)
Attack Type: RCE
Complexity: Complex
Reliability: Racy
Target: RealPlayer 10.0.5.756 Gold and Helix Player (latest versions at the time)
Authentication: No auth needed
Prerequisites: Victim must open a malicious .rp file · Target system must have vulnerable RealPlayer or Helix Player installed
Analysis: devstral-2 · analyzed Feb 16, 2026

References (19)

Core References
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/17127
Third Party Advisory, US Government Resource third-party-advisory x_refsource_cert-vn
http://www.kb.cert.org/vuls/id/361181
Third Party Advisory vendor-advisory x_refsource_gentoo
http://www.gentoo.org/security/en/glsa/glsa-200510-07.xml
Vendor Advisory vendor-advisory x_refsource_debian
http://www.debian.org/security/2005/dsa-826
Third Party Advisory third-party-advisory x_refsource_sreason
http://securityreason.com/securityalert/27
Mailing List mailing-list x_refsource_fulldisc
http://marc.info/?l=full-disclosure&m=112775929608219&w=2
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/16961
Vendor Advisory vendor-advisory x_refsource_redhat
http://www.redhat.com/support/errata/RHSA-2005-788.html
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/16981
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/17116
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/16954
Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11015
Vendor Advisory vendor-advisory x_refsource_suse
http://www.novell.com/linux/security/advisories/2005_59_RealPlayer.html
Vendor Advisory third-party-advisory x_refsource_idefense
http://www.idefense.com/application/poi/display?id=311&type=vulnerabilities
Vendor Advisory x_refsource_misc
http://www.open-security.org/advisories/13
Third Party Advisory third-party-advisory x_refsource_sreason
http://securityreason.com/securityalert/41
Vendor Advisory vendor-advisory x_refsource_redhat
http://www.redhat.com/support/errata/RHSA-2005-762.html
Mailing List mailing-list x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=112785544325326&w=2

Scores

EPSS: 0.1318
EPSS Percentile: 95.9%

Details

Status: published
Products (2):
realnetworks/helix_player
realnetworks/realplayer 10.0
Published: Sep 27, 2005
Tracked Since: Feb 18, 2026