CVE-2004-0273

2004-09-0104:00:00

mitre

www.cve.org

6.8 Medium

AI Score

Confidence

Low

0.005 Low

EPSS

Percentile

77.6%

JSON

Directory traversal vulnerability in RealOne Player, RealOne Player 2.0, and RealOne Enterprise Desktop allows remote attackers to upload arbitrary files via an RMP file that contains … (dot dot) sequences in a .rjs skin file.

References

marc.info/?l=bugtraq&m=107642978524321&w=2

service.real.com/help/faq/security/040123_player/EN/

www.kb.cert.org/vuls/id/514734

www.securityfocus.com/bid/9580

exchange.xforce.ibmcloud.com/vulnerabilities/15123