PT-2005-2996 · Realnetworks+1 · Realone Player+2
Publicado
2005-06-28
·
Atualizado
2008-09-05
·
CVE-2005-2054
CVSS v2.0
5.1
Média
| Vetor | AV:N/AC:H/Au:N/C:P/I:P/A:P |
Name of the Vulnerable Software and Affected Versions:
RealPlayer versions 10 and 10.5 (6.0.12.1040-1069)
RealOne Player versions 1 and 2
Description:
A remote attacker can overwrite arbitrary files or execute arbitrary ActiveX controls via a crafted MP3 file, potentially leading to unauthorized access or code execution.
Recommendations:
For RealPlayer versions 10 and 10.5 (6.0.12.1040-1069), consider disabling the playback of MP3 files until a fix is available.
For RealOne Player versions 1 and 2, restrict access to MP3 files to minimize the risk of exploitation.
Correção
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Identificadores relacionados
Produtos afetados
Activex
Realone Player
Realplayer