Vulnerabilities > CVE-2004-1798 - Unspecified vulnerability in Realnetworks products

CVSS 5.1 - MEDIUM

Attack vector

NETWORK

Attack complexity

HIGH

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

high complexity

realnetworks

NVD

Published: 2004-12-31

Updated: 2017-07-11

Summary

RealOne player 6.0.11.868 allows remote attackers to execute arbitrary script in the "My Computer" zone via a Synchronized Multimedia Integration Language (SMIL) presentation with a "file:javascript:" URL, which is executed in the security context of the previously loaded URL, a different vulnerability than CVE-2003-0726.

Vulnerable Configurations

Part	Description	Count
Application	Realnetworks Realnetworks Realone Enterprise Desktop 6.0.11.774 Realnetworks Realone Player 1.0 Realnetworks Realone Player 2.0 Realnetworks Realone Player 6.0.10.505 Realnetworks Realone Player 6.0.11.818 Realnetworks Realone Player 6.0.11.830 Realnetworks Realone Player 6.0.11.841 Realnetworks Realone Player 6.0.11.853 Realnetworks Realone Player 6.0.11.868 Realnetworks Realplayer 8.0	10

Summary

Vulnerable Configurations

References