GEN:SID 1:2412
Message ATTACK-RESPONSES successful cross site scripting forced download attempt
Summary This event is generated when a cross-site scripting attempt using
RealNetworks RealPlayer has been successful.
Impact Cross site scripting, information disclosure.
Detailed Information A vulnerability exists in versions of RealPlayer from RealNetworks that
may allow a remote attacker to launch a sucessful cross-site scripting
attack against a host running the application.

This event is indicative of a successful attack.
Affected Systems RealNetworks RealPlayer
    
Attack Scenarios An attacker can supply a malformed file to the client making the request
and use the vulnerability to gain sensitive information from the host.
Ease of Attack Simple.
Corrective Action Upgrade to the latest non-affected version of the software.
Additional References