Directory traversal vulnerability in the parsing of Skin file names in RealPlayer 10.5 (6.0.12.1040) and previous versions allows remote malicious users to read arbitrary files via a .. (dot dot) in an RJS filename.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
realnetworks realplayer 10.0 |
||
realnetworks realplayer 10.5 |
||
realnetworks realone player 2.0 |
||
realnetworks realone player 1.0 |