cbcvebase.
CVE-2004-1798
published 2004-12-31

CVE-2004-1798: RealOne player 6.0.11.868 allows remote attackers to execute arbitrary script in the "My Computer" zone via a Synchronized Multimedia Integration Language…

PriorityP421medium5.1CVSS 2.0
AVNACHAuNCPIPAP
EPSS
2.19%
80.2th percentile
RealOne player 6.0.11.868 allows remote attackers to execute arbitrary script in the "My Computer" zone via a Synchronized Multimedia Integration Language (SMIL) presentation with a "file:javascript:" URL, which is executed in the security context of the previously loaded URL, a different vulnerability than CVE-2003-0726.

Affected

10 ranges
VendorProductVersion rangeFixed in
realnetworksrealone_enterprise_desktop
realnetworksrealone_player
realnetworksrealone_player
realnetworksrealone_player
realnetworksrealone_player
realnetworksrealone_player
realnetworksrealone_player
realnetworksrealone_player
realnetworksrealone_player
realnetworksrealplayer
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.