Search criteria
8 vulnerabilities found for helix_dna_server by realnetworks
CVE-2010-1317 (GCVE-0-2010-1317)
Vulnerability from nvd – Published: 2010-04-20 15:00 – Updated: 2024-09-17 00:20
VLAI?
Summary
Heap-based buffer overflow in the NTLM authentication functionality in RealNetworks Helix Server and Helix Mobile Server 11.x, 12.x, and 13.x allows remote attackers to have an unspecified impact via invalid base64-encoded data.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T01:21:18.468Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "39490",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/39490"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.realnetworks.com/uploadedFiles/Support/helix-support/SecurityUpdate041410HS.pdf"
},
{
"name": "39279",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/39279"
},
{
"name": "ADV-2010-0889",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/0889"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in the NTLM authentication functionality in RealNetworks Helix Server and Helix Mobile Server 11.x, 12.x, and 13.x allows remote attackers to have an unspecified impact via invalid base64-encoded data."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2010-04-20T15:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "39490",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/39490"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.realnetworks.com/uploadedFiles/Support/helix-support/SecurityUpdate041410HS.pdf"
},
{
"name": "39279",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/39279"
},
{
"name": "ADV-2010-0889",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/0889"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-1317",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Heap-based buffer overflow in the NTLM authentication functionality in RealNetworks Helix Server and Helix Mobile Server 11.x, 12.x, and 13.x allows remote attackers to have an unspecified impact via invalid base64-encoded data."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "39490",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/39490"
},
{
"name": "http://www.realnetworks.com/uploadedFiles/Support/helix-support/SecurityUpdate041410HS.pdf",
"refsource": "CONFIRM",
"url": "http://www.realnetworks.com/uploadedFiles/Support/helix-support/SecurityUpdate041410HS.pdf"
},
{
"name": "39279",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/39279"
},
{
"name": "ADV-2010-0889",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/0889"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-1317",
"datePublished": "2010-04-20T15:00:00Z",
"dateReserved": "2010-04-08T00:00:00Z",
"dateUpdated": "2024-09-17T00:20:44.109Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-4561 (GCVE-0-2007-4561)
Vulnerability from nvd – Published: 2007-08-28 01:00 – Updated: 2024-08-07 15:01
VLAI?
Summary
Heap-based buffer overflow in the RTSP service in Helix DNA Server before 11.1.4 allows remote attackers to execute arbitrary code via an RSTP command containing multiple Require headers.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T15:01:09.581Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "25440",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/25440"
},
{
"name": "20070824 [MU-200708-01] Helix DNA Server Heap Corruption",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://marc.info/?l=full-disclosure\u0026m=118800391412961\u0026w=2"
},
{
"name": "ADV-2007-2986",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/2986"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://labs.musecurity.com/wp-content/uploads/2007/08/mu-200708-01.txt"
},
{
"name": "26609",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26609"
},
{
"name": "1018605",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1018605"
},
{
"name": "3069",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/3069"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-08-24T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in the RTSP service in Helix DNA Server before 11.1.4 allows remote attackers to execute arbitrary code via an RSTP command containing multiple Require headers."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2007-11-28T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "25440",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/25440"
},
{
"name": "20070824 [MU-200708-01] Helix DNA Server Heap Corruption",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://marc.info/?l=full-disclosure\u0026m=118800391412961\u0026w=2"
},
{
"name": "ADV-2007-2986",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/2986"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://labs.musecurity.com/wp-content/uploads/2007/08/mu-200708-01.txt"
},
{
"name": "26609",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26609"
},
{
"name": "1018605",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1018605"
},
{
"name": "3069",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/3069"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-4561",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Heap-based buffer overflow in the RTSP service in Helix DNA Server before 11.1.4 allows remote attackers to execute arbitrary code via an RSTP command containing multiple Require headers."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "25440",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/25440"
},
{
"name": "20070824 [MU-200708-01] Helix DNA Server Heap Corruption",
"refsource": "FULLDISC",
"url": "http://marc.info/?l=full-disclosure\u0026m=118800391412961\u0026w=2"
},
{
"name": "ADV-2007-2986",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/2986"
},
{
"name": "http://labs.musecurity.com/wp-content/uploads/2007/08/mu-200708-01.txt",
"refsource": "MISC",
"url": "http://labs.musecurity.com/wp-content/uploads/2007/08/mu-200708-01.txt"
},
{
"name": "26609",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26609"
},
{
"name": "1018605",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1018605"
},
{
"name": "3069",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/3069"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-4561",
"datePublished": "2007-08-28T01:00:00",
"dateReserved": "2007-08-27T00:00:00",
"dateUpdated": "2024-08-07T15:01:09.581Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-6026 (GCVE-0-2006-6026)
Vulnerability from nvd – Published: 2006-11-21 23:00 – Updated: 2024-08-07 20:12
VLAI?
Summary
Heap-based buffer overflow in Real Networks Helix Server and Helix Mobile Server before 11.1.3, and Helix DNA Server 11.0 and 11.1, allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via a DESCRIBE request that contains an invalid LoadTestPassword field.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T20:12:31.381Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://gleg.net/helix.txt"
},
{
"name": "3531",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/3531"
},
{
"name": "[Server-cvs] 20070131 protocol/rtsp rtspprot.cpp,1.80,1.81",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.helixcommunity.org/pipermail/server-cvs/2007-January/003783.html"
},
{
"name": "20070320 Helix Server heap overflow",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/463333/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://web.archive.org/web/20060502082622/www.gleg.net/vulndisco_pack_professional.shtml"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://docs.real.com/docs/security/SecurityUpdate032107Server.pdf"
},
{
"name": "23068",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/23068"
},
{
"name": "21141",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/21141"
},
{
"name": "22944",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/22944"
},
{
"name": "ADV-2007-1056",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/1056"
},
{
"name": "20070323 Helix Server LoadTestPassword Overflow",
"tags": [
"mailing-list",
"x_refsource_VIM",
"x_transferred"
],
"url": "http://www.attrition.org/pipermail/vim/2007-March/001459.html"
},
{
"name": "20070324 Helix Server LoadTestPassword Overflow",
"tags": [
"mailing-list",
"x_refsource_VIM",
"x_transferred"
],
"url": "http://www.attrition.org/pipermail/vim/2007-March/001468.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-11-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in Real Networks Helix Server and Helix Mobile Server before 11.1.3, and Helix DNA Server 11.0 and 11.1, allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via a DESCRIBE request that contains an invalid LoadTestPassword field."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-17T20:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://gleg.net/helix.txt"
},
{
"name": "3531",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/3531"
},
{
"name": "[Server-cvs] 20070131 protocol/rtsp rtspprot.cpp,1.80,1.81",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.helixcommunity.org/pipermail/server-cvs/2007-January/003783.html"
},
{
"name": "20070320 Helix Server heap overflow",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/463333/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://web.archive.org/web/20060502082622/www.gleg.net/vulndisco_pack_professional.shtml"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://docs.real.com/docs/security/SecurityUpdate032107Server.pdf"
},
{
"name": "23068",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/23068"
},
{
"name": "21141",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/21141"
},
{
"name": "22944",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/22944"
},
{
"name": "ADV-2007-1056",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/1056"
},
{
"name": "20070323 Helix Server LoadTestPassword Overflow",
"tags": [
"mailing-list",
"x_refsource_VIM"
],
"url": "http://www.attrition.org/pipermail/vim/2007-March/001459.html"
},
{
"name": "20070324 Helix Server LoadTestPassword Overflow",
"tags": [
"mailing-list",
"x_refsource_VIM"
],
"url": "http://www.attrition.org/pipermail/vim/2007-March/001468.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-6026",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Heap-based buffer overflow in Real Networks Helix Server and Helix Mobile Server before 11.1.3, and Helix DNA Server 11.0 and 11.1, allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via a DESCRIBE request that contains an invalid LoadTestPassword field."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://gleg.net/helix.txt",
"refsource": "MISC",
"url": "http://gleg.net/helix.txt"
},
{
"name": "3531",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/3531"
},
{
"name": "[Server-cvs] 20070131 protocol/rtsp rtspprot.cpp,1.80,1.81",
"refsource": "MLIST",
"url": "http://lists.helixcommunity.org/pipermail/server-cvs/2007-January/003783.html"
},
{
"name": "20070320 Helix Server heap overflow",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/463333/100/0/threaded"
},
{
"name": "http://web.archive.org/web/20060502082622/www.gleg.net/vulndisco_pack_professional.shtml",
"refsource": "MISC",
"url": "http://web.archive.org/web/20060502082622/www.gleg.net/vulndisco_pack_professional.shtml"
},
{
"name": "http://docs.real.com/docs/security/SecurityUpdate032107Server.pdf",
"refsource": "CONFIRM",
"url": "http://docs.real.com/docs/security/SecurityUpdate032107Server.pdf"
},
{
"name": "23068",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/23068"
},
{
"name": "21141",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/21141"
},
{
"name": "22944",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22944"
},
{
"name": "ADV-2007-1056",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1056"
},
{
"name": "20070323 Helix Server LoadTestPassword Overflow",
"refsource": "VIM",
"url": "http://www.attrition.org/pipermail/vim/2007-March/001459.html"
},
{
"name": "20070324 Helix Server LoadTestPassword Overflow",
"refsource": "VIM",
"url": "http://www.attrition.org/pipermail/vim/2007-March/001468.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-6026",
"datePublished": "2006-11-21T23:00:00",
"dateReserved": "2006-11-21T00:00:00",
"dateUpdated": "2024-08-07T20:12:31.381Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-3276 (GCVE-0-2006-3276)
Vulnerability from nvd – Published: 2006-06-28 22:00 – Updated: 2024-08-07 18:23
VLAI?
Summary
Heap-based buffer overflow in RealNetworks Helix DNA Server 10.0 and 11.0 allows remote attackers to execute arbitrary code via (1) a long User-Agent HTTP header in the RTSP service and (2) unspecified vectors involving the "parsing of HTTP URL schemes".
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T18:23:20.896Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "helix-dna-rtsp-bo(27316)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27316"
},
{
"name": "18606",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/18606"
},
{
"name": "1016365",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1016365"
},
{
"name": "ADV-2006-2521",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/2521"
},
{
"name": "20060622 [MU-200606-01] Real Helix RTSP Server Heap Corruption Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2006-06/0600.html"
},
{
"name": "helix-dna-url-bo(27317)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27317"
},
{
"name": "26799",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/26799"
},
{
"name": "20784",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20784"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://labs.musecurity.com/advisories/MU-200606-01.txt"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-06-23T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in RealNetworks Helix DNA Server 10.0 and 11.0 allows remote attackers to execute arbitrary code via (1) a long User-Agent HTTP header in the RTSP service and (2) unspecified vectors involving the \"parsing of HTTP URL schemes\"."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-19T15:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "helix-dna-rtsp-bo(27316)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27316"
},
{
"name": "18606",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/18606"
},
{
"name": "1016365",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1016365"
},
{
"name": "ADV-2006-2521",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/2521"
},
{
"name": "20060622 [MU-200606-01] Real Helix RTSP Server Heap Corruption Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2006-06/0600.html"
},
{
"name": "helix-dna-url-bo(27317)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27317"
},
{
"name": "26799",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/26799"
},
{
"name": "20784",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20784"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://labs.musecurity.com/advisories/MU-200606-01.txt"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-3276",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Heap-based buffer overflow in RealNetworks Helix DNA Server 10.0 and 11.0 allows remote attackers to execute arbitrary code via (1) a long User-Agent HTTP header in the RTSP service and (2) unspecified vectors involving the \"parsing of HTTP URL schemes\"."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "helix-dna-rtsp-bo(27316)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27316"
},
{
"name": "18606",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/18606"
},
{
"name": "1016365",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1016365"
},
{
"name": "ADV-2006-2521",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/2521"
},
{
"name": "20060622 [MU-200606-01] Real Helix RTSP Server Heap Corruption Vulnerabilities",
"refsource": "FULLDISC",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2006-06/0600.html"
},
{
"name": "helix-dna-url-bo(27317)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27317"
},
{
"name": "26799",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/26799"
},
{
"name": "20784",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20784"
},
{
"name": "http://labs.musecurity.com/advisories/MU-200606-01.txt",
"refsource": "MISC",
"url": "http://labs.musecurity.com/advisories/MU-200606-01.txt"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-3276",
"datePublished": "2006-06-28T22:00:00",
"dateReserved": "2006-06-28T00:00:00",
"dateUpdated": "2024-08-07T18:23:20.896Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-1317 (GCVE-0-2010-1317)
Vulnerability from cvelistv5 – Published: 2010-04-20 15:00 – Updated: 2024-09-17 00:20
VLAI?
Summary
Heap-based buffer overflow in the NTLM authentication functionality in RealNetworks Helix Server and Helix Mobile Server 11.x, 12.x, and 13.x allows remote attackers to have an unspecified impact via invalid base64-encoded data.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T01:21:18.468Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "39490",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/39490"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.realnetworks.com/uploadedFiles/Support/helix-support/SecurityUpdate041410HS.pdf"
},
{
"name": "39279",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/39279"
},
{
"name": "ADV-2010-0889",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/0889"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in the NTLM authentication functionality in RealNetworks Helix Server and Helix Mobile Server 11.x, 12.x, and 13.x allows remote attackers to have an unspecified impact via invalid base64-encoded data."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2010-04-20T15:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "39490",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/39490"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.realnetworks.com/uploadedFiles/Support/helix-support/SecurityUpdate041410HS.pdf"
},
{
"name": "39279",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/39279"
},
{
"name": "ADV-2010-0889",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/0889"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-1317",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Heap-based buffer overflow in the NTLM authentication functionality in RealNetworks Helix Server and Helix Mobile Server 11.x, 12.x, and 13.x allows remote attackers to have an unspecified impact via invalid base64-encoded data."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "39490",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/39490"
},
{
"name": "http://www.realnetworks.com/uploadedFiles/Support/helix-support/SecurityUpdate041410HS.pdf",
"refsource": "CONFIRM",
"url": "http://www.realnetworks.com/uploadedFiles/Support/helix-support/SecurityUpdate041410HS.pdf"
},
{
"name": "39279",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/39279"
},
{
"name": "ADV-2010-0889",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/0889"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-1317",
"datePublished": "2010-04-20T15:00:00Z",
"dateReserved": "2010-04-08T00:00:00Z",
"dateUpdated": "2024-09-17T00:20:44.109Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-4561 (GCVE-0-2007-4561)
Vulnerability from cvelistv5 – Published: 2007-08-28 01:00 – Updated: 2024-08-07 15:01
VLAI?
Summary
Heap-based buffer overflow in the RTSP service in Helix DNA Server before 11.1.4 allows remote attackers to execute arbitrary code via an RSTP command containing multiple Require headers.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T15:01:09.581Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "25440",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/25440"
},
{
"name": "20070824 [MU-200708-01] Helix DNA Server Heap Corruption",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://marc.info/?l=full-disclosure\u0026m=118800391412961\u0026w=2"
},
{
"name": "ADV-2007-2986",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/2986"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://labs.musecurity.com/wp-content/uploads/2007/08/mu-200708-01.txt"
},
{
"name": "26609",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26609"
},
{
"name": "1018605",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1018605"
},
{
"name": "3069",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/3069"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-08-24T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in the RTSP service in Helix DNA Server before 11.1.4 allows remote attackers to execute arbitrary code via an RSTP command containing multiple Require headers."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2007-11-28T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "25440",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/25440"
},
{
"name": "20070824 [MU-200708-01] Helix DNA Server Heap Corruption",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://marc.info/?l=full-disclosure\u0026m=118800391412961\u0026w=2"
},
{
"name": "ADV-2007-2986",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/2986"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://labs.musecurity.com/wp-content/uploads/2007/08/mu-200708-01.txt"
},
{
"name": "26609",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26609"
},
{
"name": "1018605",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1018605"
},
{
"name": "3069",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/3069"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-4561",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Heap-based buffer overflow in the RTSP service in Helix DNA Server before 11.1.4 allows remote attackers to execute arbitrary code via an RSTP command containing multiple Require headers."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "25440",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/25440"
},
{
"name": "20070824 [MU-200708-01] Helix DNA Server Heap Corruption",
"refsource": "FULLDISC",
"url": "http://marc.info/?l=full-disclosure\u0026m=118800391412961\u0026w=2"
},
{
"name": "ADV-2007-2986",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/2986"
},
{
"name": "http://labs.musecurity.com/wp-content/uploads/2007/08/mu-200708-01.txt",
"refsource": "MISC",
"url": "http://labs.musecurity.com/wp-content/uploads/2007/08/mu-200708-01.txt"
},
{
"name": "26609",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26609"
},
{
"name": "1018605",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1018605"
},
{
"name": "3069",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/3069"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-4561",
"datePublished": "2007-08-28T01:00:00",
"dateReserved": "2007-08-27T00:00:00",
"dateUpdated": "2024-08-07T15:01:09.581Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-6026 (GCVE-0-2006-6026)
Vulnerability from cvelistv5 – Published: 2006-11-21 23:00 – Updated: 2024-08-07 20:12
VLAI?
Summary
Heap-based buffer overflow in Real Networks Helix Server and Helix Mobile Server before 11.1.3, and Helix DNA Server 11.0 and 11.1, allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via a DESCRIBE request that contains an invalid LoadTestPassword field.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T20:12:31.381Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://gleg.net/helix.txt"
},
{
"name": "3531",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/3531"
},
{
"name": "[Server-cvs] 20070131 protocol/rtsp rtspprot.cpp,1.80,1.81",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.helixcommunity.org/pipermail/server-cvs/2007-January/003783.html"
},
{
"name": "20070320 Helix Server heap overflow",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/463333/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://web.archive.org/web/20060502082622/www.gleg.net/vulndisco_pack_professional.shtml"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://docs.real.com/docs/security/SecurityUpdate032107Server.pdf"
},
{
"name": "23068",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/23068"
},
{
"name": "21141",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/21141"
},
{
"name": "22944",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/22944"
},
{
"name": "ADV-2007-1056",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/1056"
},
{
"name": "20070323 Helix Server LoadTestPassword Overflow",
"tags": [
"mailing-list",
"x_refsource_VIM",
"x_transferred"
],
"url": "http://www.attrition.org/pipermail/vim/2007-March/001459.html"
},
{
"name": "20070324 Helix Server LoadTestPassword Overflow",
"tags": [
"mailing-list",
"x_refsource_VIM",
"x_transferred"
],
"url": "http://www.attrition.org/pipermail/vim/2007-March/001468.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-11-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in Real Networks Helix Server and Helix Mobile Server before 11.1.3, and Helix DNA Server 11.0 and 11.1, allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via a DESCRIBE request that contains an invalid LoadTestPassword field."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-17T20:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://gleg.net/helix.txt"
},
{
"name": "3531",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/3531"
},
{
"name": "[Server-cvs] 20070131 protocol/rtsp rtspprot.cpp,1.80,1.81",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.helixcommunity.org/pipermail/server-cvs/2007-January/003783.html"
},
{
"name": "20070320 Helix Server heap overflow",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/463333/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://web.archive.org/web/20060502082622/www.gleg.net/vulndisco_pack_professional.shtml"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://docs.real.com/docs/security/SecurityUpdate032107Server.pdf"
},
{
"name": "23068",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/23068"
},
{
"name": "21141",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/21141"
},
{
"name": "22944",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/22944"
},
{
"name": "ADV-2007-1056",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/1056"
},
{
"name": "20070323 Helix Server LoadTestPassword Overflow",
"tags": [
"mailing-list",
"x_refsource_VIM"
],
"url": "http://www.attrition.org/pipermail/vim/2007-March/001459.html"
},
{
"name": "20070324 Helix Server LoadTestPassword Overflow",
"tags": [
"mailing-list",
"x_refsource_VIM"
],
"url": "http://www.attrition.org/pipermail/vim/2007-March/001468.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-6026",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Heap-based buffer overflow in Real Networks Helix Server and Helix Mobile Server before 11.1.3, and Helix DNA Server 11.0 and 11.1, allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via a DESCRIBE request that contains an invalid LoadTestPassword field."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://gleg.net/helix.txt",
"refsource": "MISC",
"url": "http://gleg.net/helix.txt"
},
{
"name": "3531",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/3531"
},
{
"name": "[Server-cvs] 20070131 protocol/rtsp rtspprot.cpp,1.80,1.81",
"refsource": "MLIST",
"url": "http://lists.helixcommunity.org/pipermail/server-cvs/2007-January/003783.html"
},
{
"name": "20070320 Helix Server heap overflow",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/463333/100/0/threaded"
},
{
"name": "http://web.archive.org/web/20060502082622/www.gleg.net/vulndisco_pack_professional.shtml",
"refsource": "MISC",
"url": "http://web.archive.org/web/20060502082622/www.gleg.net/vulndisco_pack_professional.shtml"
},
{
"name": "http://docs.real.com/docs/security/SecurityUpdate032107Server.pdf",
"refsource": "CONFIRM",
"url": "http://docs.real.com/docs/security/SecurityUpdate032107Server.pdf"
},
{
"name": "23068",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/23068"
},
{
"name": "21141",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/21141"
},
{
"name": "22944",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22944"
},
{
"name": "ADV-2007-1056",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1056"
},
{
"name": "20070323 Helix Server LoadTestPassword Overflow",
"refsource": "VIM",
"url": "http://www.attrition.org/pipermail/vim/2007-March/001459.html"
},
{
"name": "20070324 Helix Server LoadTestPassword Overflow",
"refsource": "VIM",
"url": "http://www.attrition.org/pipermail/vim/2007-March/001468.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-6026",
"datePublished": "2006-11-21T23:00:00",
"dateReserved": "2006-11-21T00:00:00",
"dateUpdated": "2024-08-07T20:12:31.381Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-3276 (GCVE-0-2006-3276)
Vulnerability from cvelistv5 – Published: 2006-06-28 22:00 – Updated: 2024-08-07 18:23
VLAI?
Summary
Heap-based buffer overflow in RealNetworks Helix DNA Server 10.0 and 11.0 allows remote attackers to execute arbitrary code via (1) a long User-Agent HTTP header in the RTSP service and (2) unspecified vectors involving the "parsing of HTTP URL schemes".
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T18:23:20.896Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "helix-dna-rtsp-bo(27316)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27316"
},
{
"name": "18606",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/18606"
},
{
"name": "1016365",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1016365"
},
{
"name": "ADV-2006-2521",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/2521"
},
{
"name": "20060622 [MU-200606-01] Real Helix RTSP Server Heap Corruption Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2006-06/0600.html"
},
{
"name": "helix-dna-url-bo(27317)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27317"
},
{
"name": "26799",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/26799"
},
{
"name": "20784",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20784"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://labs.musecurity.com/advisories/MU-200606-01.txt"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-06-23T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in RealNetworks Helix DNA Server 10.0 and 11.0 allows remote attackers to execute arbitrary code via (1) a long User-Agent HTTP header in the RTSP service and (2) unspecified vectors involving the \"parsing of HTTP URL schemes\"."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-19T15:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "helix-dna-rtsp-bo(27316)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27316"
},
{
"name": "18606",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/18606"
},
{
"name": "1016365",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1016365"
},
{
"name": "ADV-2006-2521",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/2521"
},
{
"name": "20060622 [MU-200606-01] Real Helix RTSP Server Heap Corruption Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2006-06/0600.html"
},
{
"name": "helix-dna-url-bo(27317)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27317"
},
{
"name": "26799",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/26799"
},
{
"name": "20784",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20784"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://labs.musecurity.com/advisories/MU-200606-01.txt"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-3276",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Heap-based buffer overflow in RealNetworks Helix DNA Server 10.0 and 11.0 allows remote attackers to execute arbitrary code via (1) a long User-Agent HTTP header in the RTSP service and (2) unspecified vectors involving the \"parsing of HTTP URL schemes\"."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "helix-dna-rtsp-bo(27316)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27316"
},
{
"name": "18606",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/18606"
},
{
"name": "1016365",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1016365"
},
{
"name": "ADV-2006-2521",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/2521"
},
{
"name": "20060622 [MU-200606-01] Real Helix RTSP Server Heap Corruption Vulnerabilities",
"refsource": "FULLDISC",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2006-06/0600.html"
},
{
"name": "helix-dna-url-bo(27317)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27317"
},
{
"name": "26799",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/26799"
},
{
"name": "20784",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20784"
},
{
"name": "http://labs.musecurity.com/advisories/MU-200606-01.txt",
"refsource": "MISC",
"url": "http://labs.musecurity.com/advisories/MU-200606-01.txt"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-3276",
"datePublished": "2006-06-28T22:00:00",
"dateReserved": "2006-06-28T00:00:00",
"dateUpdated": "2024-08-07T18:23:20.896Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}