Provided by Aanval (Snort & Syslog Intrusion Detection and Correlation Engine) www.aanval.com
--
| GEN:SID | 1:2412 |
| Message | ATTACK-RESPONSES successful cross site scripting forced download attempt |
| Summary | This event is generated when a cross-site scripting attempt using RealNetworks RealPlayer has been successful. |
| Impact | Cross site scripting, information disclosure. |
| Detailed Information | A vulnerability exists in versions of RealPlayer from RealNetworks that may allow a remote attacker to launch a sucessful cross-site scripting attack against a host running the application. This event is indicative of a successful attack. |
| Affected Systems | RealNetworks RealPlayer |
| Attack Scenarios | An attacker can supply a malformed file to the client making the request and use the vulnerability to gain sensitive information from the host. |
| Ease of Attack | Simple. |
| Corrective Action | Upgrade to the latest non-affected version of the software. |
| Additional References |
--
DID:896984
--
http://www.aanval.com/