Unrated severityNVD Advisory· Published Oct 20, 2003· Updated Jun 16, 2026
CVE-2003-0726
CVE-2003-0726
Description
RealOne player allows remote attackers to execute arbitrary script in the "My Computer" zone via a SMIL presentation with a URL that references a scripting protocol, which is executed in the security context of the previously loaded URL, as demonstrated using a "javascript:" URL in the area tag.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
9- cpe:2.3:a:realnetworks:realone_desktop_manager:*:*:*:*:*:*:*:*
- cpe:2.3:a:realnetworks:realone_enterprise_desktop:6.0.11.774:*:*:*:*:*:*:*
cpe:2.3:a:realnetworks:realone_player:2.0:*:*:*:*:*:*:*+ 6 more
- cpe:2.3:a:realnetworks:realone_player:2.0:*:*:*:*:*:*:*
- cpe:2.3:a:realnetworks:realone_player:6.0.10.505:gold:*:*:*:*:*:*
- cpe:2.3:a:realnetworks:realone_player:6.0.11.818:*:*:*:*:*:*:*
- cpe:2.3:a:realnetworks:realone_player:6.0.11.830:*:*:*:*:*:*:*
- cpe:2.3:a:realnetworks:realone_player:6.0.11.841:*:*:*:*:*:*:*
- cpe:2.3:a:realnetworks:realone_player:6.0.11.853:*:*:*:*:*:*:*
- (no CPE)
Patches
Vulnerability mechanics
References
6- www.digitalpranksters.com/advisories/realnetworks/smilscriptprotocol.htmlnvdExploitPatchVendor AdvisoryURL Repurposed
- www.securityfocus.com/archive/1/335293nvdExploitVendor Advisory
- www.securityfocus.com/bid/8453nvdExploitPatchVendor Advisory
- securitytracker.com/idnvd
- www.service.real.com/help/faq/security/securityupdate_august2003.htmlnvd
- exchange.xforce.ibmcloud.com/vulnerabilities/13028nvd
News mentions
0No linked articles in our index yet.