5.1

CVE-2004-1798

Exploit
RealOne player 6.0.11.868 allows remote attackers to execute arbitrary script in the "My Computer" zone via a Synchronized Multimedia Integration Language (SMIL) presentation with a "file:javascript:" URL, which is executed in the security context of the previously loaded URL, a different vulnerability than CVE-2003-0726.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
RealnetworksRealone Player Version1.0
RealnetworksRealone Player Version2.0
RealnetworksRealone Player Version6.0.10.505
RealnetworksRealone Player Version6.0.11.818
RealnetworksRealone Player Version6.0.11.830
RealnetworksRealone Player Version6.0.11.841
RealnetworksRealone Player Version6.0.11.853
RealnetworksRealone Player Version6.0.11.868
RealnetworksRealplayer Version8.0
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 2.19% 0.801
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.1 4.9 6.4
AV:N/AC:H/Au:N/C:P/I:P/A:P
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://secunia.com/advisories/9584
Patch
Vendor Advisory
http://securitytracker.com/id?1008647
Third Party Advisory
Exploit
VDB Entry
http://www.osvdb.org/3826
Patch
Broken Link
http://www.securityfocus.com/archive/1/349086
Third Party Advisory
Exploit
VDB Entry
http://www.securityfocus.com/bid/9378
Patch
Third Party Advisory
Exploit
VDB Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/14168
Third Party Advisory
VDB Entry