Vulnerability Details : CVE-2005-2055
RealPlayer 8, 10, 10.5 (6.0.12.1040-1069), and Enterprise and RealOne Player v1 and v2 allows remote malicious web server to create an arbitrary HTML file that executes an RM file via "default settings of earlier Internet Explorer browsers".
Exploit prediction scoring system (EPSS) score for CVE-2005-2055
Probability of exploitation activity in the next 30 days: 0.08%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 33 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2005-2055
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
5.0
|
MEDIUM | AV:N/AC:L/Au:N/C:N/I:P/A:N |
10.0
|
2.9
|
NIST |
References for CVE-2005-2055
-
http://service.real.com/help/faq/security/050623_player/EN/
Patch;Vendor Advisory
Products affected by CVE-2005-2055
- cpe:2.3:a:realnetworks:realplayer:*:*:enterprise:*:*:*:*:*
- cpe:2.3:a:realnetworks:realplayer:8.0:*:*:*:*:*:*:*
- cpe:2.3:a:realnetworks:realplayer:10.0:*:*:*:*:*:*:*
- cpe:2.3:a:realnetworks:realplayer:10.5_6.0.12.1040_1069:*:*:*:*:*:*:*
- cpe:2.3:a:realnetworks:realone_player:2.0:*:*:*:*:*:*:*
- cpe:2.3:a:realnetworks:realone_player:1.0:*:*:*:*:*:*:*