Vulnerability Details CVE-2010-1317
Heap-based buffer overflow in the NTLM authentication functionality in RealNetworks Helix Server and Helix Mobile Server 11.x, 12.x, and 13.x allows remote attackers to have an unspecified impact via invalid base64-encoded data.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.007
EPSS Ranking 71.8%
CVSS Severity
CVSS v2 Score 7.5
References
- http://secunia.com/advisories/39279
- http://www.realnetworks.com/uploadedFiles/Support/helix-support/SecurityUpdate041410HS.pdf
- http://www.securityfocus.com/bid/39490
- http://www.vupen.com/english/advisories/2010/0889
- http://secunia.com/advisories/39279
- http://www.realnetworks.com/uploadedFiles/Support/helix-support/SecurityUpdate041410HS.pdf
- http://www.securityfocus.com/bid/39490
- http://www.vupen.com/english/advisories/2010/0889
Products affected by CVE-2010-1317
-
cpe:2.3:a:realnetworks:helix_dna_server:11.0
-
cpe:2.3:a:realnetworks:helix_dna_server:11.1
-
cpe:2.3:a:realnetworks:helix_dna_server:11.1.2
-
cpe:2.3:a:realnetworks:helix_dna_server:11.1.3
-
cpe:2.3:a:realnetworks:helix_dna_server:12.0
-
cpe:2.3:a:realnetworks:helix_dna_server:13.0
-
cpe:2.3:a:realnetworks:helix_server:11.0
-
cpe:2.3:a:realnetworks:helix_server:11.1
-
cpe:2.3:a:realnetworks:helix_server:12.0.0
-
cpe:2.3:a:realnetworks:helix_server:13.0.0
-
cpe:2.3:a:realnetworks:helix_server_mobile:11.0
-
cpe:2.3:a:realnetworks:helix_server_mobile:12.0.0
-
cpe:2.3:a:realnetworks:helix_server_mobile:13.0.0