In association with heise online

02 January 2009, 10:01

Security update for RealNetworks Helix Server

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

RealNetworks has released an update to its Helix streaming media server, fixing four security vulnerabilities. According to the update notes, a heap overflow when processing RTSP DESCRIBE commands allows attackers to execute arbitrary code on the server. Similar issues occur with the Helix Server DataConvertBuffer and NTLM authentication with particular Base64 encoded data. The server is also vulnerable to a denial of service attack, using just three crafted packets.

The affected versions are Helix Server versions 11.x and 12.x and Helix Mobile Server versions 11.x and 12.x, with the vulnerabilities fixed in versions 11.1.8 and 12.0.1 of both Server and Mobile Server.

See Also:


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit