cbcvebase.
CVE-2003-0726
published 2003-10-20

CVE-2003-0726: RealOne player allows remote attackers to execute arbitrary script in the "My Computer" zone via a SMIL presentation with a URL that references a scripting…

PriorityP427medium5.1CVSS 2.0
AVNACHAuNCPIPAP
EXPLOIT
EPSS
6.71%
93.1th percentile
RealOne player allows remote attackers to execute arbitrary script in the "My Computer" zone via a SMIL presentation with a URL that references a scripting protocol, which is executed in the security context of the previously loaded URL, as demonstrated using a "javascript:" URL in the area tag.

Affected

10 ranges
VendorProductVersion rangeFixed in
realnetworksrealone_enterprise_desktop
realnetworksrealone_player
realnetworksrealone_player
realnetworksrealone_player
realnetworksrealone_player
realnetworksrealone_player
realnetworksrealone_player
realnetworksrealone_player
realnetworksrealone_player
realnetworksrealplayer
CVEs like this are exactly what “Exploited This Week” covers.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.