CVE-2003-1509

RealOne Enterprise Desktop and RealOne Player - Remote Code Execution via Temp File Script Injection

Title source: llm

Description

Real Networks RealOne Enterprise Desktop 6.0.11.774, RealOne Player 2.0, and RealOne Player 6.0.11.818 through RealOne Player 6.0.11.853 allows remote attackers to execute arbitrary script in the local security zone by embedding script in a temp file before the temp file is executed by the default web browser.

References (3)

Core 3

Core References

Various Sources x_refsource_confirm

http://service.real.com/help/faq/security/securityupdate_october2003.html

Patch vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/8839

Third Party Advisory, VDB Entry vdb-entry x_refsource_xf

https://exchange.xforce.ibmcloud.com/vulnerabilities/13445

Scores

EPSS 0.0087

EPSS Percentile 75.5%

Details

Status published

Products (6)

realnetworks/realone_enterprise_desktop 6.0.11.774

realnetworks/realone_player 2.0

realnetworks/realone_player 6.0.11.818

realnetworks/realone_player 6.0.11.830

realnetworks/realone_player 6.0.11.841

realnetworks/realone_player 6.0.11.853

Published Dec 31, 2003

Tracked Since Feb 18, 2026