// For flags

CVE-2005-0190

 

Severity Score

2.6
*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

Directory traversal vulnerability in RealPlayer 10.5 (6.0.12.1040) and earlier allows remote attackers to delete arbitrary files via a Real Metadata Packages (RMP) file with a FILENAME tag containing .. (dot dot) sequences in a filename that ends with a ? (question mark) and an allowed file extension (e.g. .mp3), which bypasses the check for the file extension.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
High
Authentication
None
Confidentiality
None
Integrity
Partial
Availability
None
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2004-09-29 CVE Published
  • 2005-01-28 CVE Reserved
  • 2024-01-14 EPSS Updated
  • 2024-08-07 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Realnetworks
Search vendor "Realnetworks"
Realone Player
Search vendor "Realnetworks" for product "Realone Player"
1.0
Search vendor "Realnetworks" for product "Realone Player" and version "1.0"
-
Affected
Realnetworks
Search vendor "Realnetworks"
Realone Player
Search vendor "Realnetworks" for product "Realone Player"
2.0
Search vendor "Realnetworks" for product "Realone Player" and version "2.0"
-
Affected
Realnetworks
Search vendor "Realnetworks"
Realplayer
Search vendor "Realnetworks" for product "Realplayer"
10.0
Search vendor "Realnetworks" for product "Realplayer" and version "10.0"
en
Affected
Realnetworks
Search vendor "Realnetworks"
Realplayer
Search vendor "Realnetworks" for product "Realplayer"
10.0
Search vendor "Realnetworks" for product "Realplayer" and version "10.0"
ja
Affected
Realnetworks
Search vendor "Realnetworks"
Realplayer
Search vendor "Realnetworks" for product "Realplayer"
10.0
Search vendor "Realnetworks" for product "Realplayer" and version "10.0"
de
Affected
Realnetworks
Search vendor "Realnetworks"
Realplayer
Search vendor "Realnetworks" for product "Realplayer"
10.0_6.0.12.690
Search vendor "Realnetworks" for product "Realplayer" and version "10.0_6.0.12.690"
-
Affected
Realnetworks
Search vendor "Realnetworks"
Realplayer
Search vendor "Realnetworks" for product "Realplayer"
10.0_beta
Search vendor "Realnetworks" for product "Realplayer" and version "10.0_beta"
-
Affected
Realnetworks
Search vendor "Realnetworks"
Realplayer
Search vendor "Realnetworks" for product "Realplayer"
10.5
Search vendor "Realnetworks" for product "Realplayer" and version "10.5"
-
Affected
Realnetworks
Search vendor "Realnetworks"
Realplayer
Search vendor "Realnetworks" for product "Realplayer"
10.5_6.0.12.1016_beta
Search vendor "Realnetworks" for product "Realplayer" and version "10.5_6.0.12.1016_beta"
-
Affected
Realnetworks
Search vendor "Realnetworks"
Realplayer
Search vendor "Realnetworks" for product "Realplayer"
10.5_6.0.12.1040
Search vendor "Realnetworks" for product "Realplayer" and version "10.5_6.0.12.1040"
-
Affected