CVE

Id
11398  
CVE No.
CVE-2005-0192  
Status
Candidate  
Description
Directory traversal vulnerability in the parsing of Skin file names in RealPlayer 10.5 (6.0.12.1040) and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in an RJS filename.  
Phase
Assigned (20050128)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
81070 11398 CVE-2005-0192 BUGTRAQ:20041006 Patch available for multiple high risk vulnerabilities in RealPlayer  View
81071 11398 CVE-2005-0192 URL:http://marc.info/?l=bugtraq&m=109707741022291&w=2  View
81072 11398 CVE-2005-0192 BUGTRAQ:20050119 RealPlayer Miscellaneous Vulnerabilities (#NISR19012005g)  View
81073 11398 CVE-2005-0192 URL:http://marc.info/?l=bugtraq&m=110616302008401&w=2  View
81074 11398 CVE-2005-0192 MISC:http://www.ngssoftware.com/advisories/real-03full.txt  View
81075 11398 CVE-2005-0192 MISC:http://service.real.com/help/faq/security/040928_player/EN/  View
81076 11398 CVE-2005-0192 XF:realplayer-rjs-filenane-directory-traversal(18984)  View

Related JVN

Id JVN No. Title Summary CVE No. CVE Id CVSS_v2 CVSS_v3 JVN URL Actions
63235 JVNDB-2004-000577 Squid における ACL の定義不備によるアクセス制御回避の脆弱性 Squid 以前では、空の ACL が定義された場合に、管理者が意図するものとは異なるアクセス制御の設定が反映されてしまう脆弱性が存在します。 CVE-2005-0194 11398 10 http://jvndb.jvn.jp/ja/contents/2004/JVNDB-2004-000577.html  View