Unquoted Windows search path vulnerability in RealNetworks RealPlayer 10.5 6.0.12.1040 through 6.0.12.1348, RealPlayer 10, RealOne Player v2, RealOne Player v1, and RealPlayer 8 before 20060322 might allow local users to gain privileges via a malicious C:program.exe file.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Realone_player | Realnetworks | 1.0 (including) | 1.0 (including) |
| Realone_player | Realnetworks | 2.0 (including) | 2.0 (including) |
| Realplayer | Realnetworks | 8.0 (including) | 8.0 (including) |
| Realplayer | Realnetworks | 10.0 (including) | 10.0 (including) |
| Realplayer | Realnetworks | 10.5_6.0.12.1040 (including) | 10.5_6.0.12.1040 (including) |
| Realplayer | Realnetworks | 10.5_6.0.12.1348 (including) | 10.5_6.0.12.1348 (including) |
References
- http://secunia.com/advisories/19358
- http://securitytracker.com/id?1015223
- http://service.real.com/help/faq/security/security111605.html
- http://www.idefense.com/application/poi/display?id=340\u0026type=vulnerabilities
- http://www.securityfocus.com/bid/15448
- http://www.service.real.com/realplayer/security/03162006_player/en/
- http://www.vupen.com/english/advisories/2006/1057
- http://secunia.com/advisories/19358
- http://securitytracker.com/id?1015223
- http://service.real.com/help/faq/security/security111605.html
- http://www.idefense.com/application/poi/display?id=340\u0026type=vulnerabilities
- http://www.securityfocus.com/bid/15448
- http://www.service.real.com/realplayer/security/03162006_player/en/
- http://www.vupen.com/english/advisories/2006/1057