Vulnerability Details CVE-2010-4596
Stack-based buffer overflow in RealNetworks Helix Server 12.x, 13.x, and 14.x before 14.2, and Helix Mobile Server 12.x, 13.x, and 14.x before 14.2, allows remote attackers to execute arbitrary code via a long string in an RTSP request.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.058
EPSS Ranking 90.0%
CVSS Severity
CVSS v2 Score 9.3
References
- http://docs.real.com/docs/security/SecurityUpdate033111HS.pdf
- http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=899
- http://www.securityfocus.com/bid/47109
- http://docs.real.com/docs/security/SecurityUpdate033111HS.pdf
- http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=899
- http://www.securityfocus.com/bid/47109
Products affected by CVE-2010-4596
-
cpe:2.3:a:realnetworks:helix_mobile_server:12.0
-
cpe:2.3:a:realnetworks:helix_mobile_server:13.1.1
-
cpe:2.3:a:realnetworks:helix_mobile_server:14.0.0
-
cpe:2.3:a:realnetworks:helix_mobile_server:14.0.1
-
cpe:2.3:a:realnetworks:helix_server:12.0.0
-
cpe:2.3:a:realnetworks:helix_server:12.0.1
-
cpe:2.3:a:realnetworks:helix_server:13.0.0
-
cpe:2.3:a:realnetworks:helix_server:13.1.1
-
cpe:2.3:a:realnetworks:helix_server:14.0.0
-
cpe:2.3:a:realnetworks:helix_server:14.0.1