Vulnerabilities > CVE-2010-1319 - Numeric Errors vulnerability in Realnetworks products
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
COMPLETE Availability impact
COMPLETE Summary
Integer overflow in the AgentX::receive_agentx function in AgentX++ 1.4.16, as used in RealNetworks Helix Server and Helix Mobile Server 11.x through 13.x and other products, allows remote attackers to execute arbitrary code via a request with a crafted payload length.
Vulnerable Configurations
Common Weakness Enumeration (CWE)
Nessus
NASL family | Misc. |
NASL id | HELIX_SVR_14_MULTIPLE.NASL |
description | According to its banner, the remote host is running version 11.x, 12.x, or 13.x of RealNetworks Helix Server / Helix Mobile Server. Such versions are potentially affected by multiple vulnerabilities : - A heap overflow exists in the NTLM authentication code related to invalid Base64 encoding. (CVE-2010-1317) - A stack-based buffer overflow within AgentX++ could lead to arbitrary code execution. (CVE-2010-1318) - An integer overflow within AgentX++ could lead to arbitrary code execution. (CVE-2010-1319) |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 45543 |
published | 2010-04-15 |
reporter | This script is Copyright (C) 2010-2018 and is owned by Tenable, Inc. or an Affiliate thereof. |
source | https://www.tenable.com/plugins/nessus/45543 |
title | RealNetworks Helix Server 11.x / 12.x / 13.x Multiple Vulnerabilities |