Vulnerability Database

289,871

Total vulnerabilities in the database

CVE-2004-1798

RealOne player 6.0.11.868 allows remote attackers to execute arbitrary script in the "My Computer" zone via a Synchronized Multimedia Integration Language (SMIL) presentation with a "file:javascript:" URL, which is executed in the security context of the previously loaded URL, a different vulnerability than CVE-2003-0726.

  • Published: Dec 31, 2004
  • Updated: Apr 13, 2023
  • CVE: CVE-2004-1798
  • Severity: Medium
  • Exploit:

CVSS v2:

  • Severity: Medium
  • Score: 5.1
  • AV:N/AC:H/Au:N/C:P/I:P/A:P

No CWE or OWASP classifications available.

Software From Fixed in
realnetworks / realone_player 6.0.11.841 6.0.11.841.x
realnetworks / realone_player 2.0 2.0.x
realnetworks / realone_enterprise_desktop 6.0.11.774 6.0.11.774.x
realnetworks / realone_player 6.0.11.830 6.0.11.830.x
realnetworks / realplayer 8.0 8.0.x
realnetworks / realone_player 6.0.11.868 6.0.11.868.x
realnetworks / realone_player 1.0 1.0.x
realnetworks / realone_player 6.0.10.505 6.0.10.505.x
realnetworks / realone_player 6.0.11.818 6.0.11.818.x
realnetworks / realone_player 6.0.11.853 6.0.11.853.x