CVE-2005-2936
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
AI Score
Confidence
High
EPSS
Percentile
54.8%
Unquoted Windows search path vulnerability in RealNetworks RealPlayer 10.5 6.0.12.1040 through 6.0.12.1348, RealPlayer 10, RealOne Player v2, RealOne Player v1, and RealPlayer 8 before 20060322 might allow local users to gain privileges via a malicious C:\program.exe file.
Affected configurations
| Vendor | Product | Version | CPE |
|---|---|---|---|
| realnetworks | realone_player | 1.0 | cpe:2.3:a:realnetworks:realone_player:1.0:*:*:*:*:*:*:* |
| realnetworks | realone_player | 2.0 | cpe:2.3:a:realnetworks:realone_player:2.0:*:*:*:*:*:*:* |
| realnetworks | realplayer | 8.0 | cpe:2.3:a:realnetworks:realplayer:8.0:*:*:*:*:*:*:* |
| realnetworks | realplayer | 10.0 | cpe:2.3:a:realnetworks:realplayer:10.0:*:*:*:*:*:*:* |
| realnetworks | realplayer | 10.5_6.0.12.1040 | cpe:2.3:a:realnetworks:realplayer:10.5_6.0.12.1040:*:*:*:*:*:*:* |
| realnetworks | realplayer | 10.5_6.0.12.1348 | cpe:2.3:a:realnetworks:realplayer:10.5_6.0.12.1348:*:*:*:*:*:*:* |
References
secunia.com/advisories/19358
securitytracker.com/id?1015223
service.real.com/help/faq/security/security111605.html
www.idefense.com/application/poi/display?id=340&type=vulnerabilities
www.securityfocus.com/bid/15448
www.service.real.com/realplayer/security/03162006_player/en/
www.vupen.com/english/advisories/2006/1057
Related
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
AI Score
Confidence
High
EPSS
Percentile
54.8%