GCVE - cpe:2.3:a:realnetworks:realone_player:6.0.11.868:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:realnetworks:realone_player:6.0.11.868:*:*:*:*:*:*:*

part: a version: 6.0.11.868 update: *

Vendor	Realnetworks (`944b0662-a257-59bc-8fc3-d9f6c6d401e0`)
Product	Realone Player (`05ac13e2-77ff-525f-8a71-43f30b23e4a0`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from NVD CPE 2.0 feed

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2004-1798`	vulnerable	2026-06-03 14:26:45.404302	Details available RealOne player 6.0.11.868 allows remote attackers to execute arbitrary script in the "My Computer" zone via a Synchronized Multimedia Integration Language (SMIL) presentation with a "file:javascript:" URL, which is executed in the security context of the previously loaded URL, a different vulnerability than CVE-2003-0726. Published: 2005-05-10T04:00:00.000Z Updated: 2024-08-08T01:07:47.993Z Open on db.gcve.eu Reference links http://secunia.com/advisories/9584 http://securitytracker.com/id?1008647 http://www.securityfocus.com/bid/9378 http://www.osvdb.org/3826 http://www.securityfocus.com/archive/1/349086	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2004-1416`	not_vulnerable	2026-06-03 14:26:39.528167	Details available pnxr3260.dll in the RealOne 2.0 build 6.0.11.868 browser plugin, as used in Internet Explorer, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted embed tag. Published: 2005-02-12T05:00:00.000Z Updated: 2024-08-08T00:53:23.498Z Open on db.gcve.eu Reference links http://www.osvdb.org/12660 http://marc.info/?l=bugtraq&m=110374765215675&w=2	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2004-0273`	vulnerable	2026-06-03 14:26:34.977146	Details available Directory traversal vulnerability in RealOne Player, RealOne Player 2.0, and RealOne Enterprise Desktop allows remote attackers to upload arbitrary files via an RMP file that contains .. (dot dot) sequences in a .rjs skin file. Published: 2004-09-01T04:00:00.000Z Updated: 2024-08-08T00:10:03.715Z Open on db.gcve.eu Reference links http://www.kb.cert.org/vuls/id/514734 https://exchange.xforce.ibmcloud.com/vulnerabilities/15123 http://marc.info/?l=bugtraq&m=107642978524321&w=2 http://www.securityfocus.com/bid/9580 http://service.real.com/help/faq/security/040123_player/EN/	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2004-0258`	vulnerable	2026-06-03 14:26:34.923380	Details available Multiple buffer overflows in RealOne Player, RealOne Player 2.0, RealOne Enterprise Desktop, and RealPlayer Enterprise allow remote attackers to execute arbitrary code via malformed (1) .RP, (2) .RT, (3) .RAM, (4) .RPM or (5) .SMIL files. Published: 2004-03-18T05:00:00.000Z Updated: 2024-08-08T00:10:03.825Z Open on db.gcve.eu Reference links http://www.nextgenss.com/advisories/realone.txt https://exchange.xforce.ibmcloud.com/vulnerabilities/15040 http://www.ciac.org/ciac/bulletins/o-075.shtml http://archives.neohapsis.com/archives/vulnwatch/2004-q1/0027.html http://www.kb.cert.org/vuls/id/473814	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.

RealNetworks Realone Player 6.0.11.868

PURL mappings

Vulnerability references

Contribute