CVE-2005-0190
RealPlayer 10.5 (6.0.12.1040) and earlier - Directory Traversal via RMP FILENAME Tag
Directory traversal vulnerability in RealPlayer 10.5 (6.0.12.1040) and earlier allows remote attackers to delete arbitrary files via a Real Metadata Packages (RMP) file with a FILENAME tag containing .. (dot dot) sequences in a filename that ends with a ? (question mark) and an allowed file extension (e.g. .mp3), which bypasses the check for the file extension.
References (7)
Core References
http://www.securityfocus.com/bid/11308 (Patch, Third Party Advisory, VDB Entry, Vendor Advisory; vdb-entry, x_refsource_bid)
http://marc.info/?l=bugtraq&m=110616160228843&w=2 (Third Party Advisory; mailing-list, x_refsource_bugtraq)
http://service.real.com/help/faq/security/040928_player/EN/ (Patch, Vendor Advisory; x_refsource_confirm)
https://exchange.xforce.ibmcloud.com/vulnerabilities/17551 (Third Party Advisory, VDB Entry; vdb-entry, x_refsource_xf)
http://secunia.com/advisories/12672/ (Patch, Vendor Advisory; third-party-advisory, x_refsource_secunia)
http://www.ngssoftware.com/advisories/real-02full.txt (Patch, Vendor Advisory; x_refsource_misc)
http://marc.info/?l=bugtraq&m=109707741022291&w=2 (Third Party Advisory; mailing-list, x_refsource_bugtraq)
Scores
EPSS: 0.0311
EPSS Percentile: 87.0%
Details
Status: published
Products (8)
realnetworks/realone_player 1.0
realnetworks/realone_player 2.0
realnetworks/realplayer 10.0 (3 CPE variants)
realnetworks/realplayer 10.0_6.0.12.690
realnetworks/realplayer 10.0_beta
realnetworks/realplayer 10.5
realnetworks/realplayer 10.5_6.0.12.1016_beta
realnetworks/realplayer 10.5_6.0.12.1040
Published: Sep 29, 2004
Tracked Since: Feb 18, 2026