CVE-2002-1015
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2002-1015
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
RealJukebox 2 1.0.2.340 and 1.0.2.379, and RealOne Player Gold 6.0.10.505, allows remote attackers to execute arbitrary script in the Local computer zone by inserting the script into the skin.ini file of an RJS archive, then referencing skin.ini from a web page after it has been extracted, which is parsed as HTML by Internet Explorer or other Microsoft-based web readers.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Real Networks RealJukebox远程可预测文件展开位置漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
RealJukebox是一款由Real Networks公司开发的拥有强大功能的媒体播放器,支持外壳更换。 RealJukebox在打开外壳文件时,使用了可预测位置进行文件展开,远程攻击者可以利用这个漏洞放置任意文件到预测位置,并利用其他漏洞进行攻击。 RealJukebox在展开外壳文件时,一般选择安装在可预测的c:\Program Files\Real\RealJukebox\temp\~rjbtemp0\目录中,其中'~'为序列号,使用包含恶意内容的skin.ini文件,建立包含"file://"连
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| - | n/a | n/a | - |
II. Public POCs for CVE-2002-1015
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2002-1015
Please Login to view more intelligence information
- http://service.real.com/help/faq/security/bufferoverrun07092002.htmlx_refsource_CONFIRM
- https://nvd.nist.gov/vuln/detail/CVE-2002-1015
Same Patch Batch · n/a · 2003-04-02 · 350 CVEs total
| CVE-2002-0718 | Microsoft Content Management Server 2001文件上传漏洞(MS02-041) | |
| CVE-2002-0738 | MHonArc HTML脚本过滤可绕过漏洞 | |
| CVE-2002-0737 | Sambar WEB服务程序服务端文件解析可绕过漏洞 | |
| CVE-2002-0736 | Microsoft BackOffice授权问题漏洞 | |
| CVE-2002-0734 | B2 B2config.php远程命令执行漏洞 | |
| CVE-2002-0733 | ACME Labs thttpd跨站脚本执行漏洞 | |
| CVE-2002-0727 | Microsoft OWC可导致Active脚本执行漏洞 | |
| CVE-2002-0726 | Microsoft TSAC ActiveX远程缓冲区溢出漏洞(MS02-046) | |
| CVE-2002-0722 | Microsoft Internet Explorer 安全漏洞 | |
| CVE-2002-0720 | Microsoft Windows 2000网络连接管理器权限提升漏洞(MS02-042) | |
| CVE-2002-0719 | Microsoft Content Management Server 2001 SQL注入漏洞(MS02-041) | |
| CVE-2002-0703 | Gisle Aas Digest-MD5 UTF-8摘要计算存在漏洞 | |
| CVE-2002-0695 | Microsoft Data Access Components T-SQL OpenRowSet远程缓冲区溢出漏洞(MS02-040) | |
| CVE-2002-0697 | Microsoft Metadirectory服务远程LDAP客户端管理员访问漏洞(MS02-036) | |
| CVE-2002-0698 | Microsoft Exchange Server 缓冲区错误漏洞 | |
| CVE-2002-0700 | Microsoft Content Management Server 2001用户认证缓冲区溢出漏洞(MS02-041) | |
| CVE-2002-0701 | 多个供应商进BSD KTrace SUID/SGID进程追踪漏洞 | |
| CVE-2002-0710 | Rod Clark sendform.cgi远程可获得任意文件漏洞 | |
| CVE-2002-0716 | OpenServer定时服务格式字符串漏洞 | |
| CVE-2002-0714 | Squid FTP代理数据通道漏洞 |
Showing top 20 of 350 CVEs. View all on vendor page → →
IV. Related Vulnerabilities
Same vendor: n/a
- CVE-2026-8186
Open5GS NF client.c ogs_sbi_client_send_via_scp_or_sepp out- - CVE-2026-8187
Open5GS UPF gtp-path.c _gtpv1_u_recv_cb resource consumption - CVE-2026-6667
PgBouncer missing authorization check in KILL_CLIENT admin c - CVE-2026-6666
PgBouncer crash in kill_pool_logins_server_error - CVE-2026-6665
PgBouncer buffer overflow in SCRAM
V. Comments for CVE-2002-1015
No comments yet