RealOne player 6.0.11.868 allows remote attackers to execute arbitrary script in the My Computer zone via a Synchronized Multimedia Integration Language (SMIL) presentation with a file:javascript: URL, which is executed in the security context of the previously loaded URL, a different vulnerability than CVE-2003-0726.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Realone_enterprise_desktop | Realnetworks | 6.0.11.774 (including) | 6.0.11.774 (including) |
Realone_player | Realnetworks | 1.0 (including) | 1.0 (including) |
Realone_player | Realnetworks | 2.0 (including) | 2.0 (including) |
Realone_player | Realnetworks | 6.0.10.505 (including) | 6.0.10.505 (including) |
Realone_player | Realnetworks | 6.0.11.818 (including) | 6.0.11.818 (including) |
Realone_player | Realnetworks | 6.0.11.830 (including) | 6.0.11.830 (including) |
Realone_player | Realnetworks | 6.0.11.841 (including) | 6.0.11.841 (including) |
Realone_player | Realnetworks | 6.0.11.853 (including) | 6.0.11.853 (including) |
Realone_player | Realnetworks | 6.0.11.868 (including) | 6.0.11.868 (including) |
Realplayer | Realnetworks | 8.0 (including) | 8.0 (including) |