CVE-2010-4596

{"id": "CVE-2010-4596", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 9.3, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "MEDIUM", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2011-04-04T12:27:36.390", "references": [{"url": "http://docs.real.com/docs/security/SecurityUpdate033111HS.pdf", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=899", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/47109", "source": "cve@mitre.org"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-119"}]}], "descriptions": [{"lang": "en", "value": "Stack-based buffer overflow in RealNetworks Helix Server 12.x, 13.x, and 14.x before 14.2, and Helix Mobile Server 12.x, 13.x, and 14.x before 14.2, allows remote attackers to execute arbitrary code via a long string in an RTSP request."}, {"lang": "es", "value": "Desbordamiento de b\u00fafer basado en pila en RealNetworks Helix Server v12.x, v13.x, v14.x, y antes de v14.2, y Helix Mobile Server v12.x, v13.x, v14.x, y antes de v14.2, permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de una cadena larga en una petici\u00f3n RTSP."}], "lastModified": "2011-04-06T04:00:00.000", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:realnetworks:helix_server:12.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0890EDD4-63FF-43EC-9EC4-852B34E00F51"}, {"criteria": "cpe:2.3:a:realnetworks:helix_server:12.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "572FD8A6-20D8-4639-BFD5-A295E97D8A3A"}, {"criteria": "cpe:2.3:a:realnetworks:helix_server:13.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6DFAFCD3-1B0A-47D3-9A52-F239A2DD5031"}, {"criteria": "cpe:2.3:a:realnetworks:helix_server:13.1.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5CD3D811-1423-4E04-AF4F-040A24942E4E"}, {"criteria": "cpe:2.3:a:realnetworks:helix_server:14.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BCA41FC7-3705-4E40-805C-8A82DDF0188F"}, {"criteria": "cpe:2.3:a:realnetworks:helix_server:14.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1E39B1E7-515E-49B9-BB32-18D964F723AF"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:realnetworks:helix_mobile_server:12.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "396EFF05-B05F-46DE-8DF9-930A056B783B"}, {"criteria": "cpe:2.3:a:realnetworks:helix_mobile_server:13.1.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A146FCCF-85F6-4853-ACA9-10949951AA0E"}, {"criteria": "cpe:2.3:a:realnetworks:helix_mobile_server:14.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BD06FC5A-80AB-4A49-8F49-421D871775C1"}, {"criteria": "cpe:2.3:a:realnetworks:helix_mobile_server:14.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3EA0E7AC-DEB4-4B41-9AEB-0752447CA6A0"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}