Signature Detail

HTTP: RealNetworks RealPlayer SMIL Cross Site Scripting

This signature detects attempts to exploit a known cross-site scripting vulnerability against RealNetworks RealPlayer. It is due to insufficient validation of user-supplied input. Attackers can steal cookie-based authentication credentials and launch other attacks.

Extended Description

A vulnerability has been reported in RealOne Player. Script embedded in SMIL presentations may be executed in the context of a domain that is specified by an attacker. In particular, if a URI is opened from within a SMIL file, embedded script code may access the properties of the URI's domain. This could allow for theft of cookie-based authentication credentials, but more seriously, could also cause embedded script code to be executed in the context of the My Computer Zone. This issue is a variant of the vulnerability described in BID 8453. The syntax used to embed script code is different than the previous vulnerability, and this new issue affects fixed versions of the player. As with the previous issue, there is also a likelihood that malicious script code could be embedded into other file types that are handled by the player.

Affected Products

• Real Networks RealOne Desktop Manager
• Real Networks RealOne Enterprise Desktop 6.0.11 .774
• Real Networks RealOne Player 1.0.0
• Real Networks RealOne Player 2.0.0
• Real Networks RealOne Player 6.0.11 .818
• Real Networks RealOne Player 6.0.11 .830
• Real Networks RealOne Player 6.0.11 .841
• Real Networks RealOne Player 6.0.11 .853
• Real Networks RealOne Player 6.0.11 .868
• Real Networks RealOne Player Gold for Windows 6.0.10 .505
• Real Networks RealPlayer 8.0.0 Win32

References

• BugTraq: 9378
• CVE: CVE-2003-0726