Описание
Directory traversal vulnerability in the parsing of Skin file names in RealPlayer 10.5 (6.0.12.1040) and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in an RJS filename.
Directory traversal vulnerability in the parsing of Skin file names in RealPlayer 10.5 (6.0.12.1040) and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in an RJS filename.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2005-0192
- https://exchange.xforce.ibmcloud.com/vulnerabilities/18984
- http://marc.info/?l=bugtraq&m=109707741022291&w=2
- http://marc.info/?l=bugtraq&m=110616302008401&w=2
- http://service.real.com/help/faq/security/040928_player/EN
- http://www.ngssoftware.com/advisories/real-03full.txt
EPSS
Процентиль: 85%
0.02346
Низкий
CVE ID
Связанные уязвимости
nvd
больше 21 года назад
Directory traversal vulnerability in the parsing of Skin file names in RealPlayer 10.5 (6.0.12.1040) and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in an RJS filename.
EPSS
Процентиль: 85%
0.02346
Низкий