CVE-2010-1318

AgentX++ <1.4.16 - Buffer Overflow

Title source: llm

Description

Stack-based buffer overflow in the AgentX::receive_agentx function in AgentX++ 1.4.16, as used in RealNetworks Helix Server and Helix Mobile Server 11.x through 13.x and other products, allows remote attackers to execute arbitrary code via unspecified vectors.

Exploits (3)

exploitdb WORKING POC VERIFIED

by Metasploit · rubyremotewindows

https://www.exploit-db.com/exploits/16452

View Code ZIP pw:eip

exploitdb WORKING POC

by ZSploit.com · pythondoswindows

https://www.exploit-db.com/exploits/12274

View Code ZIP pw:eip

metasploit WORKING POC GOOD

by jduck · rubypocwin

https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/misc/agentxpp_receive_agentx.rb

View Code ZIP pw:eip

References (4)

[Vendor Advisory] http://secunia.com/advisories/39279

[Various Sources] http://www.realnetworks.com/uploadedFiles/Support/helix-support/SecurityUpdate041410HS.pdf

[Vendor Advisory] http://www.vupen.com/english/advisories/2010/0889

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/39490

Scores

EPSS 0.7759

EPSS Percentile 99.0%

Details

CWE

CWE-119

Status published

Products (9)

realnetworks/helix_mobile_server < 13.1.1

realnetworks/helix_server 11.0

realnetworks/helix_server 11.1

realnetworks/helix_server 12.0.0

realnetworks/helix_server 12.0.1

realnetworks/helix_server < 13.1.1

realnetworks/helix_server_mobile 11.0

realnetworks/helix_server_mobile 12.0.0

realnetworks/helix_server_mobile 13.0.0

Published Apr 20, 2010

Tracked Since Feb 18, 2026