Vulnerabilities > Realnetworks > Helix Server
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2010-04-20 | CVE-2010-1317 | Buffer Errors vulnerability in Realnetworks Helix DNA Server, Helix Server and Helix Server Mobile Heap-based buffer overflow in the NTLM authentication functionality in RealNetworks Helix Server and Helix Mobile Server 11.x, 12.x, and 13.x allows remote attackers to have an unspecified impact via invalid base64-encoded data. | 7.5 |
| 2009-07-20 | CVE-2009-2534 | Improper Input Validation vulnerability in Realnetworks Helix Server and Helix Server Mobile RealNetworks Helix Server and Helix Mobile Server before 13.0.0 allow remote attackers to cause a denial of service (daemon crash) via an RTSP SETUP request that (1) specifies the / URI or (2) lacks a / character in the URI. | 5.0 |
| 2009-07-20 | CVE-2009-2533 | Improper Input Validation vulnerability in Realnetworks Helix Server and Helix Server Mobile rmserver in RealNetworks Helix Server and Helix Mobile Server before 13.0.0 allows remote attackers to cause a denial of service (daemon exit) via multiple RTSP SET_PARAMETER requests with empty DataConvertBuffer headers. | 5.0 |
| 2009-01-20 | CVE-2008-5911 | Buffer Errors vulnerability in Realnetworks Helix Server and Helix Server Mobile Multiple buffer overflows in RealNetworks Helix Server and Helix Mobile Server 11.x before 11.1.8 and 12.x before 12.0.1 allow remote attackers to (1) cause a denial of service via three crafted RTSP SETUP commands, or execute arbitrary code via (2) an NTLM authentication request with malformed base64-encoded data, (3) an RTSP DESCRIBE command, or (4) a DataConvertBuffer request. | 10.0 |
| 2006-11-21 | CVE-2006-6026 | Buffer Errors vulnerability in Realnetworks Helix DNA Server, Helix Mobile Server and Helix Server Heap-based buffer overflow in Real Networks Helix Server and Helix Mobile Server before 11.1.3, and Helix DNA Server 11.0 and 11.1, allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via a DESCRIBE request that contains an invalid LoadTestPassword field. | 10.0 |