RealNetworks Helix Server and Helix Mobile Server 14.x before 14.3.x store passwords in cleartext under adm_b_db\users\, which allows local users to obtain sensitive information by reading a database.
Max CVSS
2.1
EPSS Score
95.99%
Published
2012-04-17
Updated
2017-12-29
Directory traversal vulnerability in RealArcade 1.2.0.994 allows remote attackers to delete arbitrary files via an RGP file with a .. (dot dot) in the FILENAME tag.
Max CVSS
2.6
EPSS Score
0.72%
Published
2005-05-02
Updated
2017-07-11
Directory traversal vulnerability in the parsing of Skin file names in RealPlayer 10.5 (6.0.12.1040) and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in an RJS filename.
Max CVSS
2.6
EPSS Score
0.26%
Published
2004-10-06
Updated
2017-12-12
Directory traversal vulnerability in RealPlayer 10.5 (6.0.12.1040) and earlier allows remote attackers to delete arbitrary files via a Real Metadata Packages (RMP) file with a FILENAME tag containing .. (dot dot) sequences in a filename that ends with a ? (question mark) and an allowed file extension (e.g. .mp3), which bypasses the check for the file extension.
Max CVSS
2.6
EPSS Score
0.36%
Published
2004-09-29
Updated
2017-11-16
Buffer overflow in the RealNetworks RealPlayer client versions 6 and 7 allows remote attackers to cause a denial of service via a long Location URL.
Max CVSS
2.6
EPSS Score
0.51%
Published
2000-04-03
Updated
2008-09-05
5 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!