Added: 03/18/2008
CVE: CVE-2008-5911
BID: 33059
RealNetworks Helix Server is a media server supporting multiple formats and platforms.
A heap overflow vulnerability allows remote attackers to execute arbitrary commands by sending a long, specially crafted Proxy-Require header in an RTSP request.
Upgrade to Helix Server 11.1.8 or 12.0.1 or higher.
<http://docs.real.com/docs/security/SecurityUpdate121508HS.pdf>
Exploit works on RealNetworks Helix Server 12.0 on Windows Server 2003 SP2.
Due to the nature of the vulnerability, the success of this exploit may depend on the state of the target system’s memory.
Windows