CVE-2010-1318

RealNetworks Helix Server < 13.1.1 - Remote Code Execution via Buffer Overflow

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 3 public exploits for CVE-2010-1318. PoCs published by Metasploit, ZSploit.com, jduck, including Metasploit module exploits/windows/misc/agentxpp_receive_agentx.

AI-analyzed exploit summary This exploit targets a stack buffer overflow in AgentX++ (CVE-2010-1318) by sending a crafted request to trigger arbitrary code execution, potentially with SYSTEM privileges. It leverages a Metasploit module to exploit Helix Server v12/v13's master.exe service.

Description

Stack-based buffer overflow in the AgentX::receive_agentx function in AgentX++ 1.4.16, as used in RealNetworks Helix Server and Helix Mobile Server 11.x through 13.x and other products, allows remote attackers to execute arbitrary code via unspecified vectors.

Exploits (3)

exploitdb WORKING POC VERIFIED
by Metasploit · rubyremotewindows
https://www.exploit-db.com/exploits/16452

This exploit targets a stack buffer overflow in AgentX++ (CVE-2010-1318) by sending a crafted request to trigger arbitrary code execution, potentially with SYSTEM privileges. It leverages a Metasploit module to exploit Helix Server v12/v13's master.exe service.

Classification
Working Poc 100%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: AgentX++ (Helix Server v12/v13 - master.exe)
No auth needed
Prerequisites: Network access to the target service on port 705 · Target system without NX/XD protection
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WORKING POC
by ZSploit.com · pythondoswindows
https://www.exploit-db.com/exploits/12274

This exploit targets a stack buffer overflow in Multiple Vendor AgentX++ by sending two malformed packets to overwrite the stack buffer. The PoC demonstrates a denial-of-service condition by triggering an access violation.

Classification
Working Poc 90%
Attack Type
Dos
Complexity
Trivial
Reliability
Reliable
Target: Multiple Vendor AgentX++ (e.g., RealNetworks Helix Server v11)
No auth needed
Prerequisites: Network access to the target system on port 705
devstral-2 · analyzed Feb 16, 2026 Full analysis →
metasploit WORKING POC GOOD
by jduck · rubypocwin
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/misc/agentxpp_receive_agentx.rb

This Metasploit module exploits a stack buffer overflow in the AgentX++ library (CVE-2010-1318) by sending a crafted AgentX request to trigger arbitrary code execution. It targets master.exe in Real Network's Helix Server v12/v13, leveraging a JMP ESP instruction in msvcp71.dll for payload execution.

Classification
Working Poc 100%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: Real Network Helix Server v12/v13 (master.exe)
No auth needed
Prerequisites: Network access to TCP port 705 · Target system without NX/XD protection
devstral-2 · analyzed Feb 19, 2026 Full analysis →

References (4)

Core 4
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/39490
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/39279
Vendor Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2010/0889

Scores

EPSS 0.5805
EPSS Percentile 99.0%

Details

CWE
CWE-119
Status published
Products (9)
realnetworks/helix_mobile_server < 13.1.1
realnetworks/helix_server 11.0
realnetworks/helix_server 11.1
realnetworks/helix_server 12.0.0
realnetworks/helix_server 12.0.1
realnetworks/helix_server < 13.1.1
realnetworks/helix_server_mobile 11.0
realnetworks/helix_server_mobile 12.0.0
realnetworks/helix_server_mobile 13.0.0
Published Apr 20, 2010
Tracked Since Feb 18, 2026