PT-2012-3711 · Realnetworks · Helix Server+1
Published
2012-04-17
·
Updated
2017-12-29
·
CVE-2012-1985
CVSS v2.0
6.8
Medium
| Vector | AV:N/AC:M/Au:N/C:P/I:P/A:P |
Name of the Vulnerable Software and Affected Versions
RealNetworks Helix Server and Helix Mobile Server versions prior to 14.3.x
Description
A cross-site request forgery issue allows remote attackers to hijack the authentication of administrators for requests that cause a denial of service, resulting in stack consumption and daemon crash, via a malformed URL.
Recommendations
For versions prior to 14.3.x, update to version 14.3.x or later to resolve the issue.
Fix
CSRF
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Helix Mobile Server
Helix Server