Описание
Heap-based buffer overflow in Real Networks Helix Server and Helix Mobile Server before 11.1.3, and Helix DNA Server 11.0 and 11.1, allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via a DESCRIBE request that contains an invalid LoadTestPassword field.
Ссылки
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 11.1.2 (включая)Версия до 11.1.2 (включая)
Одно из
cpe:2.3:a:realnetworks:helix_dna_server:11.0:*:*:*:*:*:*:*
cpe:2.3:a:realnetworks:helix_dna_server:11.1:*:*:*:*:*:*:*
cpe:2.3:a:realnetworks:helix_mobile_server:*:*:*:*:*:*:*:*
cpe:2.3:a:realnetworks:helix_server:*:*:*:*:*:*:*:*
cpe:2.3:a:realnetworks:helix_server:11.0:*:*:*:*:*:*:*
cpe:2.3:a:realnetworks:helix_server:11.1:*:*:*:*:*:*:*
EPSS
Процентиль: 97%
0.30408
Средний
10 Critical
CVSS2
Дефекты
CWE-119
Связанные уязвимости
github
почти 4 года назад
Heap-based buffer overflow in Real Networks Helix Server and Helix Mobile Server before 11.1.3, and Helix DNA Server 11.0 and 11.1, allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via a DESCRIBE request that contains an invalid LoadTestPassword field.
EPSS
Процентиль: 97%
0.30408
Средний
10 Critical
CVSS2
Дефекты
CWE-119