CVE-2005-0348

Properties

Published:
01.05.2005
Updated:
05.01.2006
Patch available:
Severity:
Low
  • CVSS vector:
    (AV:R/AC:L/Au:NR/C:N/I:C/A:N/B:N) Approximated
    Product:
    RealNetworks: RealArcade

    Vulnerability description

    Directory traversal vulnerability in RealArcade 1.2.0.994 allows remote attackers to delete arbitrary files via an RGP file with a .. (dot dot) in the FILENAME tag.

    References:

    BUGTRAQ: http://marc.theaimsgroup.com/?l=bugtraq&m=110792779115794&w=2
    SECUNIA: http://secunia.com/advisories/14187/
    BUGTRAQ: http://marc.theaimsgroup.com/?l=bugtraq&m=110792779115794&w=2
    XF: http://xforce.iss.net/xforce/xfdb/19260
    BID: http://www.securityfocus.com/bid/12494
    BUGTRAQ: http://marc.theaimsgroup.com/?l=bugtraq&m=110792779115794&w=2
    SECTRACK: http://securitytracker.com/id?1013128