Published: 20/04/2010 Updated: 24/11/2010

CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10

VMScore: 1000

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Stack-based buffer overflow in the AgentX::receive_agentx function in AgentX++ 1.4.16, as used in RealNetworks Helix Server and Helix Mobile Server 11.x up to and including 13.x and other products, allows remote malicious users to execute arbitrary code via unspecified vectors.

Vulnerable Product	Search on Vulmon	Subscribe to Product
realnetworks helix server 11.0
realnetworks helix server
realnetworks helix mobile server
realnetworks helix server mobile 11.0
realnetworks helix server mobile 13.0.0
realnetworks helix server 12.0.0
realnetworks helix server mobile 12.0.0
realnetworks helix server 12.0.1
realnetworks helix server 11.1

AgentX++ stack buffer overflow proof of concept exploit ...

# Exploit Title: Multiple Vendor AgentX++ Stack Buffer Overflow Vulnerability # Date: 2010-04-17 # Author: ZSploitcom # Software Link: N/A # Version: N/A # Tested on: RealNetworks Helix Server v11 # CVE : CVE-2010-1318 #! /usr/bin/env python ############################################################################### ## File : zs_agentx ...

## # $Id: agentxpp_receive_agentxrb 9279 2010-05-11 01:56:20Z jduck $ ## ## # This file is part of the Metasploit Framework and may be subject to # redistribution and commercial restrictions Please see the Metasploit # Framework web site for more information on licensing and terms of use # metasploitcom/framework/ ## require 'msf/core' ...

CWE-119 http://www.vupen.com/english/advisories/2010/0889 http://www.securityfocus.com/bid/39490 http://secunia.com/advisories/39279 http://www.realnetworks.com/uploadedFiles/Support/helix-support/SecurityUpdate041410HS.pdf https://nvd.nist.gov https://packetstormsecurity.com/files/88620/AgentX-Stack-Buffer-Overflow.html https://www.exploit-db.com/exploits/12274/

CVE-2010-1318

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect