CVE-2002-0415

RealPlayer 6.0.7 - Directory Traversal via HTTP GET Request

Title source: llm
STIX 2.1

Description

Directory traversal vulnerability in the web server used in RealPlayer 6.0.7, and possibly other versions, may allow local users to read files that are accessible to RealPlayer via a .. (dot dot) in an HTTP GET request to port 1275.

References (3)

Core 3
Core References
Vendor Advisory vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/4221
Vendor Advisory mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/259333
Vendor Advisory vdb-entry x_refsource_xf
http://www.iss.net/security_center/static/8336.php

Scores

EPSS 0.0037
EPSS Percentile 58.9%

Details

Status published
Products (1)
realnetworks/realplayer 6.0
Published Aug 12, 2002
Tracked Since Feb 18, 2026