| Vulnerability Name: | CVE-2005-2055 (CCN-21132) | ||||||||
| Assigned: | 2005-06-23 | ||||||||
| Published: | 2005-06-23 | ||||||||
| Updated: | 2008-09-05 | ||||||||
| Summary: | RealPlayer 8, 10, 10.5 (6.0.12.1040-1069), and Enterprise and RealOne Player v1 and v2 allows remote malicious web server to create an arbitrary HTML file that executes an RM file via "default settings of earlier Internet Explorer browsers". | ||||||||
| CVSS v3 Severity: | 5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)
| ||||||||
| CVSS v2 Severity: | 5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N)
| ||||||||
| Vulnerability Type: | CWE-Other | ||||||||
| Vulnerability Consequences: | Gain Access | ||||||||
| References: | Source: MITRE Type: CNA CVE-2005-2055 Source: CONFIRM Type: Patch, Vendor Advisory http://service.real.com/help/faq/security/050623_player/EN/ Source: CCN Type: OSVDB ID: 17577 RealPlayer Unspecified Crafted HTML RM Call Arbitrary File Creation Source: CCN Type: RealPlayer Enterprise Web page RealPlayer Enterprise Source: CCN Type: RealPlayer Security Path Update dated June 23, 2005 Security Patch Update For Realplayer Enterprise Source: XF Type: UNKNOWN realplayer-html-command-execution(21132) | ||||||||
| Vulnerable Configuration: | Configuration 1: Configuration CCN 1:  Denotes that component is vulnerable | ||||||||
| BACK | |||||||||