CVE-2010-4235

Format string vulnerability in RealNetworks Helix Server 12.x, 13.x, and 14.x before 14.2, and Helix Mobile Server 12.x, 13.x, and 14.x before 14.2, allows remote attackers to execute arbitrary code via vectors related to the x-wap-profile HTTP header.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:realnetworks:helix_server:12.0.0:*:*:*:*:*:*:*
cpe:2.3:a:realnetworks:helix_server:12.0.1:*:*:*:*:*:*:*
cpe:2.3:a:realnetworks:helix_server:13.0.0:*:*:*:*:*:*:*
cpe:2.3:a:realnetworks:helix_server:13.1.1:*:*:*:*:*:*:*
cpe:2.3:a:realnetworks:helix_server:14.0.0:*:*:*:*:*:*:*
cpe:2.3:a:realnetworks:helix_server:14.0.1:*:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:a:realnetworks:helix_mobile_server:12.0:*:*:*:*:*:*:*
cpe:2.3:a:realnetworks:helix_mobile_server:13.1.1:*:*:*:*:*:*:*
cpe:2.3:a:realnetworks:helix_mobile_server:14.0.0:*:*:*:*:*:*:*
cpe:2.3:a:realnetworks:helix_mobile_server:14.0.1:*:*:*:*:*:*:*

History

21 Nov 2024, 01:20

Type Values Removed Values Added
References () http://docs.real.com/docs/security/SecurityUpdate033111HS.pdf - Vendor Advisory () http://docs.real.com/docs/security/SecurityUpdate033111HS.pdf - Vendor Advisory
References () http://www.securityfocus.com/bid/47110 - () http://www.securityfocus.com/bid/47110 -

Information

Published : 2011-04-04 12:27

Updated : 2024-11-21 01:20


NVD link : CVE-2010-4235

Mitre link : CVE-2010-4235

CVE.ORG link : CVE-2010-4235


JSON object : View

Products Affected

realnetworks

  • helix_server
  • helix_mobile_server
CWE
CWE-134

Use of Externally-Controlled Format String