CVE-2010-1319
RealNetworks Helix Server and Helix Mobile Server < 13.1.1 - Remote Code Execution via Crafted AgentX Payload Length
Title source: manualDescription
Integer overflow in the AgentX::receive_agentx function in AgentX++ 1.4.16, as used in RealNetworks Helix Server and Helix Mobile Server 11.x through 13.x and other products, allows remote attackers to execute arbitrary code via a request with a crafted payload length.
References (4)
Core 4
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/39490
Vendor Advisory x_refsource_confirm
http://www.realnetworks.com/uploadedFiles/Support/helix-support/SecurityUpdate041410HS.pdf
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/39279
Vendor Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2010/0889
Scores
EPSS
0.0363
EPSS Percentile
88.0%
Details
CWE
CWE-189
Status
published
Products (9)
realnetworks/helix_mobile_server
< 13.1.1
realnetworks/helix_server
11.0
realnetworks/helix_server
11.1
realnetworks/helix_server
12.0.0
realnetworks/helix_server
12.0.1
realnetworks/helix_server
< 13.1.1
realnetworks/helix_server_mobile
11.0
realnetworks/helix_server_mobile
12.0.0
realnetworks/helix_server_mobile
13.0.0
Published
Apr 20, 2010
Tracked Since
Feb 18, 2026