Vulnerability Details : CVE-2010-1319
Integer overflow in the AgentX::receive_agentx function in AgentX++ 1.4.16, as used in RealNetworks Helix Server and Helix Mobile Server 11.x through 13.x and other products, allows remote attackers to execute arbitrary code via a request with a crafted payload length.
Vulnerability category: OverflowExecute code
Exploit prediction scoring system (EPSS) score for CVE-2010-1319
Probability of exploitation activity in the next 30 days: 32.22%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 97 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2010-1319
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
10.0
|
HIGH | AV:N/AC:L/Au:N/C:C/I:C/A:C |
10.0
|
10.0
|
NIST |
CWE ids for CVE-2010-1319
-
Assigned by: nvd@nist.gov (Primary)
References for CVE-2010-1319
-
http://www.securityfocus.com/bid/39490
RealNetworks Helix and Helix Mobile Server NTLM Authentication Heap Buffer Overflow Vulnerability
-
http://www.realnetworks.com/uploadedFiles/Support/helix-support/SecurityUpdate041410HS.pdf
404 | RealnetworksVendor Advisory
-
http://www.vupen.com/english/advisories/2010/0889
Webmail | OVH- OVHVendor Advisory
Products affected by CVE-2010-1319
- cpe:2.3:a:realnetworks:helix_server:*:*:*:*:*:*:*:*
- cpe:2.3:a:realnetworks:helix_server:11.1:*:*:*:*:*:*:*
- cpe:2.3:a:realnetworks:helix_server:11.0:*:*:*:*:*:*:*
- cpe:2.3:a:realnetworks:helix_server:12.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:realnetworks:helix_server:12.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:realnetworks:helix_server_mobile:11.0:*:*:*:*:*:*:*
- cpe:2.3:a:realnetworks:helix_server_mobile:12.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:realnetworks:helix_server_mobile:13.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:realnetworks:helix_mobile_server:*:*:*:*:*:*:*:*