CVE-2005-0192

Published: Oct 6, 2004Modified: Apr 16, 2026

2.6

Vector

AV:N/AC:H/Au:N/C:P/I:N/A:N

Exploitability: 4.9 / Impact: 2.9

Source: NVD

Description

Directory traversal vulnerability in the parsing of Skin file names in RealPlayer 10.5 (6.0.12.1040) and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in an RJS filename.

Affected (7)

Products: Realnetworks: Realone Player, Realplayer

2 products

Configuration A

7 vulnerable

Vulnerable Software	Affected Versions
Realnetworks Realone Player	Version 1.0
Realnetworks Realone Player	Version 2.0
Realnetworks Realplayer	Version 10.0
Realnetworks Realplayer	Version 10.0
Realnetworks Realplayer	Version 10.0
Realnetworks Realplayer	Version 10.0 beta
Realnetworks Realplayer	Version 10.5

References (10)

http://marc.info/?l=bugtraq&m=109707741022291&w=2

Source: cve@mitre.org

Mailing ListThird Party Advisory

http://marc.info/?l=bugtraq&m=110616302008401&w=2

Source: cve@mitre.org

Mailing ListThird Party Advisory

http://service.real.com/help/faq/security/040928_player/EN/

Source: cve@mitre.org

Vendor Advisory

http://www.ngssoftware.com/advisories/real-03full.txt

Source: cve@mitre.org

Broken Link

https://exchange.xforce.ibmcloud.com/vulnerabilities/18984

Source: cve@mitre.org

Third Party AdvisoryVDB Entry

http://marc.info/?l=bugtraq&m=109707741022291&w=2

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing ListThird Party Advisory

http://marc.info/?l=bugtraq&m=110616302008401&w=2

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing ListThird Party Advisory

http://service.real.com/help/faq/security/040928_player/EN/

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://www.ngssoftware.com/advisories/real-03full.txt

Source: af854a3a-2127-422b-91ae-364da2661108

Broken Link

https://exchange.xforce.ibmcloud.com/vulnerabilities/18984

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryVDB Entry

Timeline

No history available yet.