Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2003-1509

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2003-1509
Last Modified 05 Sep 2008 04:37:07
Published 31 Dec 2003 12:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2003-1509

Summary

Real Networks RealOne Enterprise Desktop 6.0.11.774, RealOne Player 2.0, and RealOne Player 6.0.11.818 through RealOne Player 6.0.11.853 allows remote attackers to execute arbitrary script in the local security zone by embeding script in a temp file before the temp file is executed by the default web browser.

Vulnerable Systems

Application

  • Realnetworks Realone Enterprise Desktop 6.0.11.774

  • Realnetworks Realone Player 2.0

  • Realnetworks Realone Player 6.0.11.818

  • Realnetworks Realone Player 6.0.11.830

  • Realnetworks Realone Player 6.0.11.841

  • Realnetworks Realone Player 6.0.11.853


References

BID - 8839

XF - realoneplayer-temporary-script-execution(13445)

CONFIRM - http://service.real.com/help/faq/security/securityupdate_october2003.html


Last Updated: 27 May 2016 10:38:24