Описание
Integer overflow in the AgentX::receive_agentx function in AgentX++ 1.4.16, as used in RealNetworks Helix Server and Helix Mobile Server 11.x through 13.x and other products, allows remote attackers to execute arbitrary code via a request with a crafted payload length.
Ссылки
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 13.1.1 (включая)Версия до 13.1.1 (включая)
Одно из
cpe:2.3:a:realnetworks:helix_mobile_server:*:*:*:*:*:*:*:*
cpe:2.3:a:realnetworks:helix_server:*:*:*:*:*:*:*:*
cpe:2.3:a:realnetworks:helix_server:11.0:*:*:*:*:*:*:*
cpe:2.3:a:realnetworks:helix_server:11.1:*:*:*:*:*:*:*
cpe:2.3:a:realnetworks:helix_server:12.0.0:*:*:*:*:*:*:*
cpe:2.3:a:realnetworks:helix_server:12.0.1:*:*:*:*:*:*:*
cpe:2.3:a:realnetworks:helix_server_mobile:11.0:*:*:*:*:*:*:*
cpe:2.3:a:realnetworks:helix_server_mobile:12.0.0:*:*:*:*:*:*:*
cpe:2.3:a:realnetworks:helix_server_mobile:13.0.0:*:*:*:*:*:*:*
EPSS
Процентиль: 87%
0.03626
Низкий
10 Critical
CVSS2
Дефекты
CWE-189
Связанные уязвимости
github
почти 4 года назад
Integer overflow in the AgentX::receive_agentx function in AgentX++ 1.4.16, as used in RealNetworks Helix Server and Helix Mobile Server 11.x through 13.x and other products, allows remote attackers to execute arbitrary code via a request with a crafted payload length.
EPSS
Процентиль: 87%
0.03626
Низкий
10 Critical
CVSS2
Дефекты
CWE-189