VULHUB ™

The configuration files for the RealOne Player are installed in the a hidden folder in a users home directory. The issue presents itself, because configuration files stored in this directory are installed with insecure permissions. This means that an attacker, who is in the same group as a target user, may modify RealOne Player configuration files and may thereby escalate privileges to that of the target user.

The configuration files for the RealOne Player are installed in the a hidden folder in a users home directory. The issue presents itself, because configuration files stored in this directory are installed with insecure permissions. This means that an attacker, who is in the same group as a target user, may modify RealOne Player configuration files and may thereby escalate privileges to that of the target user.