Description
RealPlayer 8, 10, 10.5 (6.0.12.1040-1069), and Enterprise and RealOne Player v1 and v2 allows remote malicious web server to create an arbitrary HTML file that executes an RM file via "default settings of earlier Internet Explorer browsers".
Product(s):
- RealNetworks Realone Player 1.0
- RealNetworks Realone Player 2.0
- RealNetworks RealPlayer Enterprise Edition
- RealNetworks RealPlayer 10.0
- Realnetworks RealPlayer 10.0 for Linux
- Realnetworks RealPlayer 10.0 De
- Realnetworks RealPlayer 10.0 En
- Realnetworks RealPlayer 10.0 Ja
- RealNetworks RealPlayer 10.0 Beta
- Realnetworks RealPlayer 10.0 Beta for Mac Os X
- RealNetworks RealPlayer 10.0 Gold
- RealNetworks RealPlayer 10.5_6.0.12.1040_1069
- RealNetworks RealPlayer 2.1.2 Enterprise
- RealNetworks RealPlayer 2.1.3 Enterprise
- RealNetworks RealPlayer 2.1.4 Enterprise
- Realnetworks RealPlayer 8.0
- Realnetworks RealPlayer 8.0 for Mac Os X
- Realnetworks RealPlayer 8.0 for Unix
Question to Ask Vendors:
- Can you confirm whether your systems are affected by CVE-2005-2055, and if so, what steps are you currently taking to mitigate this vulnerability?
- What is your estimated timeline for fully resolving CVE-2005-2055 in your products or services, and how will you communicate updates on this issue to us as your customer?
Recommended Actions:
- Check out the advisory links provided below.