2 matches found
CVE-2004-1798
CVE-2004-1798 describes a cross-site scripting vulnerability in RealNetworks RealPlayer/RealOne Player where a SMIL presentation can include a URL with the scripting protocol (e.g., javascript:) that is executed in the security context of the previously loaded URL. The issue arises from RealPlaye...
CVE-2004-1798
RealOne player 6.0.11.868 allows remote attackers to execute arbitrary script in the "My Computer" zone via a Synchronized Multimedia Integration Language SMIL presentation with a "file:javascript:" URL, which is executed in the security context of the previously loaded URL, a different...