PT-2005-2996 · Realnetworks+1 · Realone Player+2

Published

2005-06-28

Updated

2008-09-05

CVE-2005-2054

CVSS v2.0

5.1

Medium

Vector

AV:N/AC:H/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions: RealPlayer versions 10 and 10.5 (6.0.12.1040-1069) RealOne Player versions 1 and 2

Description: A remote attacker can overwrite arbitrary files or execute arbitrary ActiveX controls via a crafted MP3 file, potentially leading to unauthorized access or code execution.

Recommendations: For RealPlayer versions 10 and 10.5 (6.0.12.1040-1069), consider disabling the playback of MP3 files until a fix is available. For RealOne Player versions 1 and 2, restrict access to MP3 files to minimize the risk of exploitation.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2005-2054

Affected Products

Activex

Realone Player

Realplayer

PT-2005-2996 · Realnetworks+1 · Realone Player+2

CVE-2005-2054

Related Identifiers

Affected Products

References · 2