Lucene search

K
cve[email protected]CVE-2010-4235
HistoryOct 03, 2022 - 4:21 p.m.

CVE-2010-4235

2022-10-0316:21:06
CWE-134
web.nvd.nist.gov
19
nvd
cve-2010-4235
realnetworks helix server
helix mobile server
format string vulnerability
remote code execution

7.7 High

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.013 Low

EPSS

Percentile

86.0%

Format string vulnerability in RealNetworks Helix Server 12.x, 13.x, and 14.x before 14.2, and Helix Mobile Server 12.x, 13.x, and 14.x before 14.2, allows remote attackers to execute arbitrary code via vectors related to the x-wap-profile HTTP header.

Affected configurations

NVD
Node
realnetworkshelix_serverMatch12.0.0
OR
realnetworkshelix_serverMatch12.0.1
OR
realnetworkshelix_serverMatch13.0.0
OR
realnetworkshelix_serverMatch13.1.1
OR
realnetworkshelix_serverMatch14.0.0
OR
realnetworkshelix_serverMatch14.0.1
Node
realnetworkshelix_mobile_serverMatch12.0
OR
realnetworkshelix_mobile_serverMatch13.1.1
OR
realnetworkshelix_mobile_serverMatch14.0.0
OR
realnetworkshelix_mobile_serverMatch14.0.1

7.7 High

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.013 Low

EPSS

Percentile

86.0%

Related for CVE-2010-4235