Vulnerabilities > Realnetworks > Realone Player > 6.0.10.505
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2004-12-31 | CVE-2004-1798 | Unspecified vulnerability in Realnetworks products RealOne player 6.0.11.868 allows remote attackers to execute arbitrary script in the "My Computer" zone via a Synchronized Multimedia Integration Language (SMIL) presentation with a "file:javascript:" URL, which is executed in the security context of the previously loaded URL, a different vulnerability than CVE-2003-0726. | 5.1 |
| 2003-04-02 | CVE-2003-0141 | Unspecified vulnerability in Realnetworks products The PNG deflate algorithm in RealOne Player 6.0.11.x and earlier, RealPlayer 8/RealPlayer Plus 8 6.0.9.584, and other versions allows remote attackers to corrupt the heap and overwrite arbitrary memory via a PNG graphic file format containing compressed data using fixed trees that contain the length values 286-287, which are treated as a very large length. | 5.1 |
| 2002-10-04 | CVE-2002-1015 | Unspecified vulnerability in Realnetworks Realjukebox 2, Realjukebox 2 Plus and Realone Player RealJukebox 2 1.0.2.340 and 1.0.2.379, and RealOne Player Gold 6.0.10.505, allows remote attackers to execute arbitrary script in the Local computer zone by inserting the script into the skin.ini file of an RJS archive, then referencing skin.ini from a web page after it has been extracted, which is parsed as HTML by Internet Explorer or other Microsoft-based web readers. | 7.5 |
| 2002-10-04 | CVE-2002-1014 | Unspecified vulnerability in Realnetworks Realjukebox 2, Realjukebox 2 Plus and Realone Player Buffer overflow in RealJukebox 2 1.0.2.340 and 1.0.2.379, and RealOne Player Gold 6.0.10.505, allows remote attackers to execute arbitrary code via an RFS skin file whose skin.ini contains a long value in a CONTROLnImage argument, such as CONTROL1Image. | 7.5 |