| |
Vulnerability CVE-2010-4596
Published: 2011-04-04 Modified: 2012-02-13
| Description: |
Stack-based buffer overflow in RealNetworks Helix Server 12.x, 13.x, and 14.x before 14.2, and Helix Mobile Server 12.x, 13.x, and 14.x before 14.2, allows remote attackers to execute arbitrary code via a long string in an RTSP request. |
Type:
CWE-119 (Improper Restriction of Operations within the Bounds of a Memory Buffer)
CVSS2 => (AV:N/AC:M/Au:N/C:C/I:C/A:C)
| CVSS Base Score |
Impact Subscore |
Exploitability Subscore |
9.3/10 |
10/10 |
8.6/10 |
| Exploit range |
Attack complexity |
Authentication |
Remote |
Medium |
No required |
| Confidentiality impact |
Integrity impact |
Availability impact |
Complete |
Complete |
Complete |
References: |
http://www.securityfocus.com/bid/47109
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=899
http://docs.real.com/docs/security/SecurityUpdate033111HS.pdf
|
|
|
Copyright 2024, cxsecurity.com
|
|
|
