CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
AI Score
Confidence
Low
EPSS
Percentile
97.6%
Multiple buffer overflows in RealNetworks Helix Server and Helix Mobile Server 11.x before 11.1.8 and 12.x before 12.0.1 allow remote attackers to (1) cause a denial of service via three crafted RTSP SETUP commands, or execute arbitrary code via (2) an NTLM authentication request with malformed base64-encoded data, (3) an RTSP DESCRIBE command, or (4) a DataConvertBuffer request.
Vendor | Product | Version | CPE |
---|---|---|---|
realnetworks | helix_server | 11.0 | cpe:2.3:a:realnetworks:helix_server:11.0:*:*:*:*:*:*:* |
realnetworks | helix_server | 12.0.0 | cpe:2.3:a:realnetworks:helix_server:12.0.0:*:*:*:*:*:*:* |
realnetworks | helix_server_mobile | 11.0 | cpe:2.3:a:realnetworks:helix_server_mobile:11.0:*:*:*:*:*:*:* |
realnetworks | helix_server_mobile | 12.0.0 | cpe:2.3:a:realnetworks:helix_server_mobile:12.0.0:*:*:*:*:*:*:* |