Vulnerabilities > CVE-2002-0415 - Directory Traversal vulnerability in Realnetworks Realplayer 6.0

CVSS 1.7 - LOW

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

SINGLE

Confidentiality impact

PARTIAL

Integrity impact

NONE

Availability impact

NONE

local

low complexity

realnetworks

NVD

Published: 2002-08-12

Updated: 2008-09-05

Summary

Directory traversal vulnerability in the web server used in RealPlayer 6.0.7, and possibly other versions, may allow local users to read files that are accessible to RealPlayer via a .. (dot dot) in an HTTP GET request to port 1275.

Vulnerable Configurations

Part	Description	Count
Application	Realnetworks Realnetworks Realplayer 6.0	1

References

http://www.iss.net/security_center/static/8336.php
http://www.securityfocus.com/archive/1/259333
http://www.securityfocus.com/bid/4221