7.5

CVE-2006-3276

Heap-based buffer overflow in RealNetworks Helix DNA Server 10.0 and 11.0 allows remote attackers to execute arbitrary code via (1) a long User-Agent HTTP header in the RTSP service and (2) unspecified vectors involving the "parsing of HTTP URL schemes".
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 14.04% 0.961
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.5 10 6.4
AV:N/AC:L/Au:N/C:P/I:P/A:P
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://archives.neohapsis.com/archives/fulldisclosure/2006-06/0600.html
http://labs.musecurity.com/advisories/MU-200606-01.txt
http://secunia.com/advisories/20784
Patch
Vendor Advisory
http://securitytracker.com/id?1016365
http://www.osvdb.org/26799
http://www.securityfocus.com/bid/18606
http://www.vupen.com/english/advisories/2006/2521
https://exchange.xforce.ibmcloud.com/vulnerabilities/27316
https://exchange.xforce.ibmcloud.com/vulnerabilities/27317