5.1

CVE-2003-0726

Exploit

RealOne player allows remote attackers to execute arbitrary script in the "My Computer" zone via a SMIL presentation with a URL that references a scripting protocol, which is executed in the security context of the previously loaded URL, as demonstrated using a "javascript:" URL in the area tag.

Daten sind bereitgestellt durch National Vulnerability Database (NVD)
RealnetworksRealone Player Version2.0
RealnetworksRealone Player Version6.0.10.505 Updategold
RealnetworksRealone Player Version6.0.11.818
RealnetworksRealone Player Version6.0.11.830
RealnetworksRealone Player Version6.0.11.841
RealnetworksRealone Player Version6.0.11.853
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 9.58% 0.924
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.1 4.9 6.4
AV:N/AC:H/Au:N/C:P/I:P/A:P
http://www.securityfocus.com/bid/8453
Patch
Vendor Advisory
Exploit