Vulnerabilities > CVE-2004-1798 - Unspecified vulnerability in Realnetworks products
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
RealOne player 6.0.11.868 allows remote attackers to execute arbitrary script in the "My Computer" zone via a Synchronized Multimedia Integration Language (SMIL) presentation with a "file:javascript:" URL, which is executed in the security context of the previously loaded URL, a different vulnerability than CVE-2003-0726.
Vulnerable Configurations
References
- http://secunia.com/advisories/9584
- http://secunia.com/advisories/9584
- http://securitytracker.com/id?1008647
- http://securitytracker.com/id?1008647
- http://www.osvdb.org/3826
- http://www.osvdb.org/3826
- http://www.securityfocus.com/archive/1/349086
- http://www.securityfocus.com/archive/1/349086
- http://www.securityfocus.com/bid/9378
- http://www.securityfocus.com/bid/9378
- https://exchange.xforce.ibmcloud.com/vulnerabilities/14168
- https://exchange.xforce.ibmcloud.com/vulnerabilities/14168