10 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.937 High
EPSS
Percentile
99.1%
Added: 04/27/2010
CVE: CVE-2010-1318
BID: 39564
OSVDB: 63919
RealNetworks Helix Server is a media server supporting multiple formats and platforms.
A stack buffer overflow vulnerability exists in RealNetworks Helix Server due to a boundary error in the AgentX::receive_agentx function. A remote unauthenticated attacker can exploit this vulnerability by sending multiple blocks of data to the target server on port 705/TCP.
Successful exploitation could result in arbitrary code injection and execution with the system privileges. Code injection that does not result in execution could terminate the application due to memory corruption, and could result in a Denial of Service condition.
Upgrade to Helix Server 14.0 or later.
<http://secunia.com/advisories/39279/>
Exploit works on RealNetworks Helix Server 13 on Windows Server 2003 SP2.
Windows