ID CVE-2005-0192Type cveReporter cve@mitre.orgModified 2017-12-12T17:17:00
Description
Directory traversal vulnerability in the parsing of Skin file names in RealPlayer 10.5 (6.0.12.1040) and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in an RJS filename.
{"id": "CVE-2005-0192", "bulletinFamily": "NVD", "title": "CVE-2005-0192", "description": "Directory traversal vulnerability in the parsing of Skin file names in RealPlayer 10.5 (6.0.12.1040) and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in an RJS filename.", "published": "2004-10-06T04:00:00", "modified": "2017-12-12T17:17:00", "cvss": {"score": 2.6, "vector": "AV:N/AC:H/Au:N/C:P/I:N/A:N"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2005-0192", "reporter": "cve@mitre.org", "references": ["https://exchange.xforce.ibmcloud.com/vulnerabilities/18984", "http://marc.info/?l=bugtraq&m=109707741022291&w=2", "http://marc.info/?l=bugtraq&m=110616302008401&w=2", "http://service.real.com/help/faq/security/040928_player/EN/", "http://www.ngssoftware.com/advisories/real-03full.txt"], "cvelist": ["CVE-2005-0192"], "type": "cve", "lastseen": "2019-05-29T18:08:13", "history": [], "edition": 1, "hashmap": [{"key": "affectedSoftware", "hash": "0f8312d5bd900110854e561dba806d92"}, {"key": "bulletinFamily", "hash": "601892ece72be3be2f57266ca2354792"}, {"key": "cpe", "hash": "f484dff147a481f6804923c249de5965"}, {"key": "cpe23", "hash": "9a517030c28044c03558fde781559f65"}, {"key": "cvelist", "hash": "34879b9a630574f41fef30400738e2cf"}, {"key": "cvss", "hash": "a4e8ab6449ecd0e1c0804a2fa5b0ec9b"}, {"key": "cvss2", "hash": "1f2a15cfd7ea368b8697922332454f47"}, {"key": "cvss3", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "cwe", "hash": "78a7a5cbaf09985c14389298e454e7db"}, {"key": "description", "hash": "80479dcd2ba08cf569ab2aa9c3edc741"}, {"key": "href", "hash": "8de3871240330c4e444b760c9cf2fd6b"}, {"key": "modified", "hash": "a8d0c9aaf8771b33f5e36f17a453acf2"}, {"key": "published", "hash": "0960ddf0a83c73d3e076c150c40ef62e"}, {"key": "references", "hash": "1b5ae55715e43668b8232ed75e66280e"}, {"key": "reporter", "hash": "444c2b4dda4a55437faa8bef1a141e84"}, {"key": "title", "hash": "af7b2b7af7868166885e8ce0e54569f5"}, {"key": "type", "hash": "1716b5fcbb7121af74efdc153d0166c5"}], "hash": "c528448af015d4c7a8c8aebaef0eb73fd5d79a531488f61756ddd9667d1e8587", "viewCount": 1, "enchantments": {"dependencies": {"references": [{"type": "osvdb", "idList": ["OSVDB:13938"]}, {"type": "nessus", "idList": ["REALPLAYER_UNDISCLOSED_VULNS.NASL"]}], "modified": "2019-05-29T18:08:13"}, "score": {"value": 4.8, "vector": "NONE", "modified": "2019-05-29T18:08:13"}, "vulnersScore": 4.8}, "objectVersion": "1.3", "cpe": ["cpe:/a:realnetworks:realplayer:10.0", "cpe:/a:realnetworks:realplayer:10.5", "cpe:/a:realnetworks:realone_player:2.0", "cpe:/a:realnetworks:realone_player:1.0"], "affectedSoftware": [{"name": "realnetworks realone_player", "operator": "eq", "version": "2.0"}, {"name": "realnetworks realplayer", "operator": "eq", "version": "10.0"}, {"name": "realnetworks realone_player", "operator": "eq", "version": "1.0"}, {"name": "realnetworks realplayer", "operator": "eq", "version": "10.5"}], "cvss2": {"cvssV2": {"accessComplexity": "HIGH", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 2.6, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 4.9, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "LOW", "userInteractionRequired": true}, "cvss3": {}, "cpe23": ["cpe:2.3:a:realnetworks:realplayer:10.0:*:*:ja:*:*:*:*", "cpe:2.3:a:realnetworks:realplayer:10.0:beta:*:*:*:*:*:*", "cpe:2.3:a:realnetworks:realone_player:1.0:*:*:*:*:*:*:*", "cpe:2.3:a:realnetworks:realone_player:2.0:*:*:*:*:*:*:*", "cpe:2.3:a:realnetworks:realplayer:10.0:*:*:de:*:*:*:*", "cpe:2.3:a:realnetworks:realplayer:10.5:*:*:*:*:*:*:*", "cpe:2.3:a:realnetworks:realplayer:10.0:*:*:en:*:*:*:*"], "cwe": ["NVD-CWE-Other"]}
{"osvdb": [{"lastseen": "2017-04-28T13:20:09", "bulletinFamily": "software", "description": "# No description provided by the source\n\n## References:\n[Vendor Specific Advisory URL](http://service.real.com/help/faq/security/040928_player/EN/)\nOther Advisory URL: http://www.ngssoftware.com/advisories/real-03full.txt\nISS X-Force ID: 18984\n[CVE-2005-0192](https://vulners.com/cve/CVE-2005-0192)\nBugtraq ID: 12315\n", "modified": "2005-01-19T00:00:00", "published": "2005-01-19T00:00:00", "href": "https://vulners.com/osvdb/OSVDB:13938", "id": "OSVDB:13938", "title": "RealPlayer RJS Skin File Directory Traversal", "type": "osvdb", "cvss": {"score": 2.6, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}], "nessus": [{"lastseen": "2020-01-01T01:13:00", "bulletinFamily": "scanner", "description": "According to its build number, the installed version of RealPlayer /\nRealOne Player for Windows may allow an attacker to execute arbitrary\ncode and delete arbitrary files on the remote host.", "modified": "2020-01-02T00:00:00", "id": "REALPLAYER_UNDISCLOSED_VULNS.NASL", "href": "https://www.tenable.com/plugins/nessus/15395", "published": "2004-10-01T00:00:00", "title": "RealPlayer Multiple Remote Vulnerabilities (2004-09-28)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n\ninclude(\"compat.inc\");\n\nif(description)\n{\n script_id(15395);\n script_version(\"1.25\");\n\n script_cve_id(\"CVE-2004-1481\", \"CVE-2005-0189\", \"CVE-2005-0190\", \"CVE-2005-0192\");\n script_bugtraq_id(11307, 11308, 11309, 11335, 12311, 12315);\n\n script_name(english:\"RealPlayer Multiple Remote Vulnerabilities (2004-09-28)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows application is affected by multiple remote\nvulnerabilities.\" );\n script_set_attribute(attribute:\"description\", value:\n\"According to its build number, the installed version of RealPlayer /\nRealOne Player for Windows may allow an attacker to execute arbitrary\ncode and delete arbitrary files on the remote host.\" );\n script_set_attribute(attribute:\"see_also\", value:\"https://securitytracker.com/id?1011449\" );\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade according to the vendor advisory referenced above.\" );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_set_attribute(attribute:\"plugin_publication_date\", value: \"2004/10/01\");\n script_set_attribute(attribute:\"vuln_publication_date\", value: \"2004/09/28\");\n script_cvs_date(\"Date: 2018/11/15 20:50:28\");\nscript_set_attribute(attribute:\"plugin_type\", value:\"local\");\nscript_set_attribute(attribute:\"cpe\", value:\"cpe:/a:realnetworks:realplayer\");\nscript_end_attributes();\n\n script_summary(english:\"Checks RealPlayer build number\");\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2004-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Windows\");\n script_dependencies(\"realplayer_detect.nasl\");\n script_require_keys(\"SMB/RealPlayer/Product\", \"SMB/RealPlayer/Build\");\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\n\n\n# nb: RealOne Player and RealPlayer Enterprise are also affected,\n# but we don't currently know which specific build numbers\n# address the issues.\nprod = get_kb_item(\"SMB/RealPlayer/Product\");\nif (!prod || prod != \"RealPlayer\") exit(0);\n\n\n# Check build.\nbuild = get_kb_item(\"SMB/RealPlayer/Build\");\nif (build)\n{\n # There's a problem if the build is:\n # - [6.0.12.0, 6.0.12.1053), RealPlayer 10.5\n ver = split(build, sep:'.', keep:FALSE);\n if (\n int(ver[0]) < 6 ||\n (\n int(ver[0]) == 6 &&\n int(ver[1]) == 0 &&\n (\n int(ver[2]) < 12 ||\n (int(ver[2]) == 12 && int(ver[3]) < 1053)\n )\n )\n )\n {\n if (report_verbosity)\n {\n report = string(\n \"\\n\",\n prod, \" build \", build, \" is installed on the remote host.\\n\"\n );\n security_hole(port:get_kb_item(\"SMB/transport\"), extra:report);\n }\n else security_hole(get_kb_item(\"SMB/transport\"));\n }\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}]}
