RealNetworks Helix Server Multiple Remote Vulnerabilities
BID:52929
Info
RealNetworks Helix Server Multiple Remote Vulnerabilities
| Bugtraq ID: | 52929 |
| Class: | Unknown |
| CVE: |
CVE-2012-0942 CVE-2012-1923 CVE-2012-1984 CVE-2012-1985 CVE-2012-2267 CVE-2012-2268 |
| Remote: | Yes |
| Local: | Yes |
| Published: | Apr 09 2012 12:00AM |
| Updated: | Jun 22 2012 09:20AM |
| Credit: | Dmitriy Pletnev of Secunia Research and Tom Gallagher of Microsoft Vulnerability Research (MSVR). |
| Vulnerable: |
Real Networks Helix Server 14.2.0.212 Real Networks Helix Mobile Server 14.0 |
| Not Vulnerable: |
Real Networks Helix Server 14.3 |
Discussion
RealNetworks Helix Server Multiple Remote Vulnerabilities
RealNetworks Helix Server is prone to multiple remote vulnerabilities.
Attackers can exploit theses issues to execute arbitrary code within the context of the affected application, cause denial-of service conditions, retrieve potentially sensitive information, execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site, and steal cookie-based authentication credentials.
RealNetworks Helix Server 14.2.0.212 is vulnerable; other versions may also be affected.
RealNetworks Helix Server is prone to multiple remote vulnerabilities.
Attackers can exploit theses issues to execute arbitrary code within the context of the affected application, cause denial-of service conditions, retrieve potentially sensitive information, execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site, and steal cookie-based authentication credentials.
RealNetworks Helix Server 14.2.0.212 is vulnerable; other versions may also be affected.
Exploit / POC
RealNetworks Helix Server Multiple Remote Vulnerabilities
Currently we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Some of these issues may be trivial to exploit and not require specific exploit code.
Currently we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Some of these issues may be trivial to exploit and not require specific exploit code.
Solution / Fix
RealNetworks Helix Server Multiple Remote Vulnerabilities
Solution:
Updates are available. Please see the references for more information.
Solution:
Updates are available. Please see the references for more information.
References
RealNetworks Helix Server Multiple Remote Vulnerabilities
References:
References:
- Helix Server Homepage (RealNetworks)
- RealNetworks Helix Server Updated April 2, 2012 (RealNetworks)
- Secunia Research: Helix Server SNMP Master Agent Service Two Denial of Service V (Secunia Research)
- Secunia Research: RealNetworks Helix Server Credentials Disclosure Security Issu (Secunia Research)