CVE-2003-0726

Name of the Vulnerable Software and Affected Versions: RealOne player (affected versions not specified)

Description: The issue allows remote attackers to execute arbitrary script in the "My Computer" zone. This is achieved via a SMIL presentation with a URL that references a scripting protocol. The script is executed in the security context of the previously loaded URL. For example, using a "javascript:" URL in the area tag can demonstrate this issue.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.