← Back

CVE-2004-1798

nvd nist
Published: Dec 31, 2004Modified: Apr 16, 2026

JSON object

Loading...
5.1
Vector
AV:N/AC:H/Au:N/C:P/I:P/A:P
Exploitability: 4.9 / Impact: 6.4
Source: NVD

Description

RealOne player 6.0.11.868 allows remote attackers to execute arbitrary script in the "My Computer" zone via a Synchronized Multimedia Integration Language (SMIL) presentation with a "file:javascript:" URL, which is executed in the security context of the previously loaded URL, a different vulnerability than CVE-2003-0726.

Affected (10)

Realnetworks
3 products
Realone Enterprise Desktop
Realone Player
Realplayer
Configuration A
10 vulnerable
Vulnerable SoftwareAffected Versions
Realone Enterprise Desktop
Version 6.0.11.774
Realnetworks
Realone Player
Version 1.0
Realone Player
Version 2.0
Realone Player
Version 6.0.10.505
Realone Player
Version 6.0.11.818
Realone Player
Version 6.0.11.830
Realone Player
Version 6.0.11.841
Realone Player
Version 6.0.11.853
Realone Player
Version 6.0.11.868
Realplayer
Version 8.0

References (12)

Source: cve@mitre.org
PatchVendor Advisory
Source: cve@mitre.org
ExploitThird Party AdvisoryVDB Entry
Source: cve@mitre.org
Broken LinkPatch
Source: cve@mitre.org
ExploitThird Party AdvisoryVDB Entry
Source: cve@mitre.org
ExploitPatchThird Party AdvisoryVDB Entry
Source: cve@mitre.org
Third Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
PatchVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
ExploitThird Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
Broken LinkPatch
Source: af854a3a-2127-422b-91ae-364da2661108
ExploitThird Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
ExploitPatchThird Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryVDB Entry

Timeline

No history available yet.