3 matches found
CVE-2022-32270
In Real Player 20.0.7.309 and 20.0.8.310, external::Import allows download of arbitrary file types and Directory Traversal, leading to Remote Code Execution. This occurs because it is possible to plant executables in the startup folder DLL planting could also occur...
CVE-2022-32270
In Real Player 20.0.7.309 and 20.0.8.310, external::Import allows download of arbitrary file types and Directory Traversal, leading to Remote Code Execution. This occurs because it is possible to plant executables in the startup folder DLL planting could also occur...
CVE-2022-32270
CVE-2022-32270 affects RealNetworks RealPlayer versions 20.0.7.309 and 20.0.8.310. The flaw arises in external::Import(), which permits downloading arbitrary file types and directory traversal, enabling remote code execution. Root cause is facilitatement of DLL planting or executables in the sta...