HIGH✓ PATCH🇬🇧 English

CVE-2010-4235

CVSS 10.0v2.0pub. 2011-04-04upd. 2026-04-29

Format string vulnerability in RealNetworks Helix Server 12.x, 13.x, and 14.x before 14.2, and Helix Mobile Server 12.x, 13.x, and 14.x before 14.2, allows remote attackers to execute arbitrary code via vectors related to the x-wap-profile HTTP header.

oryginał EN
CVSS Vector
AV:N/AC:L/Au:N/C:C/I:C/A:C
  • Realnetworks Helix Mobile Server

    APP
    Realnetworks
    12.013.1.114.0.014.0.1
  • Realnetworks Helix Server

    APP
    Realnetworks
    12.0.012.0.113.0.013.1.114.0.014.0.1
🟢
PATCH DOSTĘPNY
Aktualizacja od producenta gotowa. Wdrożenie w ramach standardowego cyklu.
Tagi
RCE
CWE
Referencje

Powiązane podatności

CVE-2012-0942HIGH7.5ten sam produkt

Buffer overflow in rn5auth.dll in RealNetworks Helix Server and Helix Mobile Server 14.x before 14.3.x allows ...

CVE-2010-4596HIGH9.3ten sam produkt

Stack-based buffer overflow in RealNetworks Helix Server 12.x, 13.x, and 14.x before 14.2, and Helix Mobile Se...

CVE-2010-1319HIGH10.0ten sam produkt

Integer overflow in the AgentX::receive_agentx function in AgentX++ 1.4.16, as used in RealNetworks Helix Serv...

CVE-2010-1317HIGH7.5ten sam produkt

Heap-based buffer overflow in the NTLM authentication functionality in RealNetworks Helix Server and Helix Mob...

CVE-2010-1318HIGH10.0ten sam produkt

Stack-based buffer overflow in the AgentX::receive_agentx function in AgentX++ 1.4.16, as used in RealNetworks...

CVE-2010-4235 — HIGH 10.0 | CVEbaza.pl