Vulnerability Details CVE-2005-0304
Directory traversal vulnerability in DivX Player 2.6 and earlier allows remote attackers to overwrite arbitrary files via a .. (dot dot) in a filename in a ZIP file for a skin.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.01
EPSS Ranking 75.9%
CVSS Severity
CVSS v2 Score 5.0
References
- http://aluigi.altervista.org/adv/divxplayer-adv.txt
- http://marc.info/?l=bugtraq&m=110642748517854&w=2
- http://secunia.com/advisories/13969
- http://www.securityfocus.com/bid/12332
- https://exchange.xforce.ibmcloud.com/vulnerabilities/19030
- http://aluigi.altervista.org/adv/divxplayer-adv.txt
- http://marc.info/?l=bugtraq&m=110642748517854&w=2
- http://secunia.com/advisories/13969
- http://www.securityfocus.com/bid/12332
- https://exchange.xforce.ibmcloud.com/vulnerabilities/19030
Products affected by CVE-2005-0304
-
cpe:2.3:a:divx:divx_player:2.6