| GEN:SID | 1:2437 |
| Message | WEB-CLIENT RealPlayer arbitrary javascript command attempt |
| Summary | This event is generated when an attempt is made to exploit a known vulnerability in RealOne Player.
|
| Impact | Serious. Execution of arbitrary code is possible.
|
| Detailed Information | It may be possible for an attacker to execute code of their choosing by using a vulnerability in RealOne Player from RealNetworks. If a malicious URI that points to script of the attacker's choosing is embedded in a SMIL presentation, the code may be executed with the privileges assigned to the "My Computer" zone.
|
| Affected Systems | RealOne Player for Windows
|
| Attack Scenarios | An attacker could embed a URI of their choosing in a presentation and entice a user to click the link from within RealOne Player. The code referenced by this URI would then be executed on the client machine.
|
| Ease of Attack | Simple. No exploit software required.
|
| Corrective Action | Ensure the system is using an up-to-date version of the software and has had all vendor-supplied patches applied.
|
| Additional References | |
| Rule References | bugtraq: 8453
bugtraq: 9378
cve: 2003-0726
|