RealNetworks Helix and Helix Mobile Server NTLM Authentication Heap Buffer Overflow Vulnerability

RealNetworks Helix Server and Helix Mobile Server are prone to a remote heap-based buffer-overflow vulnerability during NTLM authentication.

Exploiting this issue may allow attackers to gain unauthorized access to affected computers. Failed attempts may cause the affected application to crash, denying service to legitimate users.

This issue affects versions prior to Helix Server and Helix Mobile Server 14.0.

NOTE: This BID was formerly titled 'RealNetworks Helix and Helix Mobile Server Multiple Remote Code Execution Vulnerabilities' and covered three vulnerabilities; the two AgentX issues have received their own records (39561 AgentX++ 'AgentX::receive_agentx()' Remote Code Execution Vulnerability and 39564 AgentX++ 'AgentX::receive_agentx()' Remote Stack Buffer Overflow Vulnerability) to better document them.


Privacy Statement
Copyright 2010, SecurityFocus