Vulnerabilities > CVE-2006-3276 - Remote Code Execution vulnerability in RealNetworks Helix DNA Server 10.0/11.0

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
low complexity
realnetworks

Summary

Heap-based buffer overflow in RealNetworks Helix DNA Server 10.0 and 11.0 allows remote attackers to execute arbitrary code via (1) a long User-Agent HTTP header in the RTSP service and (2) unspecified vectors involving the "parsing of HTTP URL schemes". Upgrade to Helix DNA Server version 11.1 : https://helix-server.helixcommunity.org/2005/devdocs/builds

Vulnerable Configurations

Part Description Count
Application
Realnetworks
2