Lucene search

[email protected]NVD:CVE-2010-4235

HistoryApr 04, 2011 - 12:27 p.m.

CVE-2010-4235

2011-04-0412:27:36

CWE-134

[email protected]

web.nvd.nist.gov

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

7.5 High

AI Score

Confidence

High

0.013 Low

EPSS

Percentile

86.0%

JSON

Format string vulnerability in RealNetworks Helix Server 12.x, 13.x, and 14.x before 14.2, and Helix Mobile Server 12.x, 13.x, and 14.x before 14.2, allows remote attackers to execute arbitrary code via vectors related to the x-wap-profile HTTP header.

Affected configurations

NVD

Node

realnetworkshelix_serverMatch12.0.0

realnetworkshelix_serverMatch12.0.1

realnetworkshelix_serverMatch13.0.0

realnetworkshelix_serverMatch13.1.1

realnetworkshelix_serverMatch14.0.0

realnetworkshelix_serverMatch14.0.1

Node

realnetworkshelix_mobile_serverMatch12.0

realnetworkshelix_mobile_serverMatch13.1.1

realnetworkshelix_mobile_serverMatch14.0.0

realnetworkshelix_mobile_serverMatch14.0.1

References

docs.real.com/docs/security/SecurityUpdate033111HS.pdf

www.securityfocus.com/bid/47110

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

7.5 High

AI Score

Confidence

High

0.013 Low

EPSS

Percentile

86.0%

JSON

Related for NVD:CVE-2010-4235

cve1 prion1 zdi1 cvelist1 seebug1 openvas2