cbcvebase.
CVE-2002-1015
published 2002-10-04

CVE-2002-1015: RealJukebox 2 1.0.2.340 and 1.0.2.379, and RealOne Player Gold 6.0.10.505, allows remote attackers to execute arbitrary script in the Local computer zone by…

PriorityP422high7.5CVSS 2.0
AVNACLAuNCPIPAP
EPSS
2.04%
78.8th percentile
RealJukebox 2 1.0.2.340 and 1.0.2.379, and RealOne Player Gold 6.0.10.505, allows remote attackers to execute arbitrary script in the Local computer zone by inserting the script into the skin.ini file of an RJS archive, then referencing skin.ini from a web page after it has been extracted, which is parsed as HTML by Internet Explorer or other Microsoft-based web readers.

Affected

5 ranges
VendorProductVersion rangeFixed in
realnetworksrealjukebox_2
realnetworksrealjukebox_2
realnetworksrealjukebox_2_plus
realnetworksrealjukebox_2_plus
realnetworksrealone_player
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.