First published: Wed Sep 03 2003(Updated: )
RealOne player allows remote attackers to execute arbitrary script in the "My Computer" zone via a SMIL presentation with a URL that references a scripting protocol, which is executed in the security context of the previously loaded URL, as demonstrated using a "javascript:" URL in the area tag.
Credit: cve@mitre.org cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Realnetworks Realone Desktop Manager | ||
Realnetworks Realone Player | =6.0.11.841 | |
Realnetworks Realone Player | =2.0 | |
Realnetworks Realone Enterprise Desktop | =6.0.11.774 | |
Realnetworks Realone Player | =6.0.11.830 | |
Realnetworks Realone Player | =6.0.10.505-gold | |
Realnetworks Realone Player | =6.0.11.818 | |
Realnetworks Realone Player | =6.0.11.853 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.