PT-2009-4935 · Realnetworks · Helix Mobile Server+1

Damian Frizza

Publicado

2009-07-20

Atualizado

2018-10-10

CVE-2009-2533

CVSS v2.0

5.0

Média

Vetor

AV:N/AC:L/Au:N/C:N/I:N/A:P

Name of the Vulnerable Software and Affected Versions RealNetworks Helix Server versions prior to 13.0.0 RealNetworks Helix Mobile Server versions prior to 13.0.0

Description The issue allows remote attackers to cause a denial of service, resulting in the daemon exiting. This is achieved by sending multiple RTSP SET PARAMETER requests with empty DataConvertBuffer headers.

Recommendations For RealNetworks Helix Server versions prior to 13.0.0, update to version 13.0.0 or later. For RealNetworks Helix Mobile Server versions prior to 13.0.0, update to version 13.0.0 or later.

Exploit

Correção

RCE

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-20

Identificadores relacionados

CVE-2009-2533

Produtos afetados

Helix Mobile Server

Helix Server

PT-2009-4935 · Realnetworks · Helix Mobile Server+1

CVE-2009-2533

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 9