Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
saintSAINT CorporationSAINT:7530019A6F35D3FE196DD8AFD30A1FF0
HistoryApr 27, 2010 - 12:00 a.m.

RealNetworks Helix Server AgentX receive_agentx Stack Buffer Overflow

2010-04-2700:00:00
SAINT Corporation
download.saintcorporation.com
9

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.937 High

EPSS

Percentile

99.1%

JSON

Added: 04/27/2010
CVE: CVE-2010-1318
BID: 39564
OSVDB: 63919

Background

RealNetworks Helix Server is a media server supporting multiple formats and platforms.

Problem

A stack buffer overflow vulnerability exists in RealNetworks Helix Server due to a boundary error in the AgentX::receive_agentx function. A remote unauthenticated attacker can exploit this vulnerability by sending multiple blocks of data to the target server on port 705/TCP.

Successful exploitation could result in arbitrary code injection and execution with the system privileges. Code injection that does not result in execution could terminate the application due to memory corruption, and could result in a Denial of Service condition.

Resolution

Upgrade to Helix Server 14.0 or later.

References

<http://secunia.com/advisories/39279/&gt;

Limitations

Exploit works on RealNetworks Helix Server 13 on Windows Server 2003 SP2.

Platforms

Windows

Related

saint 3
packetstorm 2
securityvulns 2
seebug 1
prion 1
cve 1
exploitpack 1
checkpoint_advisories 1
nvd 1
cvelist 1
exploitdb 1
nessus 2
openvas 2
saint
saint
RealNetworks Helix Server AgentX receive_agentx Stack Buffer Overflow
2010-04-27 00:00:00
RealNetworks Helix Server AgentX receive_agentx Stack Buffer Overflow
2010-04-27 00:00:00
RealNetworks Helix Server AgentX receive_agentx Stack Buffer Overflow
2010-04-27 00:00:00
packetstorm
packetstorm
AgentX++ Stack Buffer Overflow
2010-04-19 00:00:00
AgentX++ Master AgentX::receive_agentx Stack Buffer Overflow
2010-05-08 00:00:00
securityvulns
securityvulns
iDefense Security Advisory 04.15.10: Multiple Vendor AgentX++ Stack Buffer Overflow Vulnerability
2010-04-26 00:00:00
AgentX++ library / Helix Server multiple security vulnerabilities
2010-04-29 00:00:00
seebug
seebug
Multiple Vendor AgentX++ Stack Buffer Overflow
2014-07-01 00:00:00
prion
prion
Stack overflow
2010-04-20 15:30:00
cve
cve
CVE-2010-1318
2022-10-03 16:21:00
exploitpack
exploitpack
Multiple Vendor AgentX++ - Stack Buffer Overflow (PoC)
2010-04-17 00:00:00
checkpoint_advisories
checkpoint_advisories
Multiple Vendors AgentX receive_agentx Stack Buffer Overflow (CVE-2010-1318)
2010-06-10 00:00:00
nvd
nvd
CVE-2010-1318
2010-04-20 15:30:00
cvelist
cvelist
CVE-2010-1318
2022-10-03 16:21:00
exploitdb
exploitdb
Multiple Vendor AgentX++ - Stack Buffer Overflow (PoC)
2010-04-17 00:00:00
nessus
nessus
RealNetworks Helix Server 11.x / 12.x / 13.x Multiple Vulnerabilities
2010-04-15 00:00:00
RealNetworks Helix Server 11.x / 12.x / 13.x Multiple Vulnerabilities
2010-04-15 00:00:00
openvas
openvas
RealNetworks Helix and Helix Mobile Server Multiple Remote Code Execution Vulnerabilities
2010-04-15 00:00:00
RealNetworks Helix and Helix Mobile Server Multiple RCE Vulnerabilities
2010-04-15 00:00:00

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.937 High

EPSS

Percentile

99.1%

JSON
Related for SAINT:7530019A6F35D3FE196DD8AFD30A1FF0
saint3packetstorm2securityvulns2seebug1prion1cve1exploitpack1checkpoint_advisories1nvd1cvelist1exploitdb1nessus2openvas2