CVE-2004-0273: Path Traversal
First published: Wed Sep 01 2004(Updated: )
Directory traversal vulnerability in RealOne Player, RealOne Player 2.0, and RealOne Enterprise Desktop allows remote attackers to upload arbitrary files via an RMP file that contains .. (dot dot) sequences in a .rjs skin file.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Realnetworks Realone Desktop Manager | ||
| Realnetworks Realone Player | =6.0.11.841 | |
| Realnetworks Realone Player | =2.0 | |
| Realnetworks Realone Enterprise Desktop | =6.0.11.774 | |
| Realnetworks Realone Player | =6.0.11.830 | |
| Realnetworks Realone Player | =2.0 | |
| Realnetworks Realone Player | =6.0.11.868 | |
| Realnetworks Realone Player | =1.0 | |
| Realnetworks Realone Player | =6.0.11.818 | |
| Realnetworks Realone Player | =6.0.11.853 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- collector/nvd-historical
- vendor/realnetworks
- product/realone desktop manager
- canonical/realnetworks realone desktop manager
- product/realone player
- canonical/realnetworks realone player
- product/realone enterprise desktop
- canonical/realnetworks realone enterprise desktop
- collector/nvd-index
- agent/severity
- agent/weakness
- agent/references
- agent/author
- agent/description
- agent/type
- agent/event
- agent/softwarecombine
- agent/first-publish-date
- agent/last-modified-date
- agent/remedy
- agent/tags
- collector/mitre-cve
- source/MITRE
- version/realnetworks realone player/6.0.11.841
- version/realnetworks realone player/2.0
- version/realnetworks realone enterprise desktop/6.0.11.774
- version/realnetworks realone player/6.0.11.830
- version/realnetworks realone player/6.0.11.868
- version/realnetworks realone player/1.0
- version/realnetworks realone player/6.0.11.818
- version/realnetworks realone player/6.0.11.853