HTTP: RealNetworks RealPlayer SMIL Cross Site Scripting
This signature detects attempts to exploit a known cross-site scripting vulnerability against RealNetworks RealPlayer. It is due to insufficient validation of user-supplied input. Attackers can steal cookie-based authentication credentials and launch other attacks.
Extended Description
A vulnerability has been reported in RealOne Player. Script embedded in SMIL presentations may be executed in the context of a domain that is specified by an attacker. In particular, if a URI is opened from within a SMIL file, embedded script code may access the properties of the URI's domain. This could allow for theft of cookie-based authentication credentials, but more seriously, could also cause embedded script code to be executed in the context of the My Computer Zone. This issue is a variant of the vulnerability described in BID 8453. The syntax used to embed script code is different than the previous vulnerability, and this new issue affects fixed versions of the player. As with the previous issue, there is also a likelihood that malicious script code could be embedded into other file types that are handled by the player.
Affected Products
Real_networks realone_player
Short Name
HTTP:XSS:REALPLAYER-SMIL
Severity
Minor
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
CVE-2003-0726 Cross RealNetworks RealPlayer SMIL Scripting Site bid:9378
Release Date
01/03/2014
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3375
False Positive
Unknown
Vendors
Real_networks
CVSS Score
5.1