7.5
CVE-2002-1015
- EPSS 1.41%
- Veröffentlicht 04.10.2002 04:00:00
- Zuletzt bearbeitet 03.04.2025 01:03:51
- Quelle cve@mitre.org
- Teams Watchlist Login
- Unerledigt Login
RealJukebox 2 1.0.2.340 and 1.0.2.379, and RealOne Player Gold 6.0.10.505, allows remote attackers to execute arbitrary script in the Local computer zone by inserting the script into the skin.ini file of an RJS archive, then referencing skin.ini from a web page after it has been extracted, which is parsed as HTML by Internet Explorer or other Microsoft-based web readers.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Realnetworks ≫ Realjukebox 2 Version1.0.2.340
Realnetworks ≫ Realjukebox 2 Version1.0.2.379
Realnetworks ≫ Realjukebox 2 Plus Version1.0.2.340
Realnetworks ≫ Realjukebox 2 Plus Version1.0.2.379
Realnetworks ≫ Realone Player Version6.0.10.505 Updategold
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.41% | 0.797 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 10 | 6.4 |
AV:N/AC:L/Au:N/C:P/I:P/A:P
|