CVE-2005-2054

RealPlayer 10-10.5 and RealOne Player v1-v2 - Arbitrary File Write and ActiveX Control Execution via Crafted MP3 File

Title source: manual
STIX 2.1

Description

Unknown vulnerability in RealPlayer 10 and 10.5 (6.0.12.1040-1069) and RealOne Player v1 and v2 allows remote attackers to overwrite arbitrary files or execute arbitrary ActiveX controls via a crafted MP3 file.

References (1)

Core 1
Core References
Patch, Vendor Advisory x_refsource_confirm
http://service.real.com/help/faq/security/050623_player/EN/

Scores

EPSS 0.0064
EPSS Percentile 70.7%

Details

Status published
Products (4)
realnetworks/realone_player 1.0
realnetworks/realone_player 2.0
realnetworks/realplayer 10.0
realnetworks/realplayer 10.5_6.0.12.1040_1069
Published Jun 29, 2005
Tracked Since Feb 18, 2026