what you don't know can hurt you
Showing 1 - 1 of 1 RSS Feed

Files

Zero Day Initiative Advisory 10-079
Posted Apr 28, 2010
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 10-079 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of RealNetworks Helix Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the authentication provided by the administrative web interface and is only present if it is configured to use NTLM. The vulnerability can be triggered by specifying invalid Base64 string within the Authorization header. If the string is not proper Base64 the vulnerable function returns -1 which is not verified and is later used as a length to a string copy routine.

tags | advisory, remote, web, arbitrary
advisories | CVE-2010-1317
MD5 | 53d87a8058df5d5de20421ffa49c121e
Page 1 of 1
Back1Next

Top Authors In Last 30 Days

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close