CVE-2004-0273

Directory traversal vulnerability in RealOne Player, RealOne Player 2.0, and RealOne Enterprise Desktop allows remote attackers to upload arbitrary files via an RMP file that contains .. (dot dot) sequences in a .rjs skin file.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:realnetworks:realone_desktop_manager:*:*:*:*:*:*:*:*
cpe:2.3:a:realnetworks:realone_enterprise_desktop:6.0.11.774:*:*:*:*:*:*:*
cpe:2.3:a:realnetworks:realone_player:1.0:*:*:*:*:*:*:*
cpe:2.3:a:realnetworks:realone_player:2.0:*:*:*:*:*:*:*
cpe:2.3:a:realnetworks:realone_player:2.0:*:win:*:*:*:*:*
cpe:2.3:a:realnetworks:realone_player:6.0.11.818:*:*:*:*:*:*:*
cpe:2.3:a:realnetworks:realone_player:6.0.11.830:*:*:*:*:*:*:*
cpe:2.3:a:realnetworks:realone_player:6.0.11.841:*:*:*:*:*:*:*
cpe:2.3:a:realnetworks:realone_player:6.0.11.853:*:*:*:*:*:*:*
cpe:2.3:a:realnetworks:realone_player:6.0.11.868:*:*:*:*:*:*:*

History

No history.

Information

Published : 2004-11-23 05:00

Updated : 2024-02-04 16:31


NVD link : CVE-2004-0273

Mitre link : CVE-2004-0273

CVE.ORG link : CVE-2004-0273


JSON object : View

Products Affected

realnetworks

  • realone_desktop_manager
  • realone_enterprise_desktop
  • realone_player
CWE
CWE-22

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')