CVE-2007-4561
https://notcve.org/view.php?id=CVE-2007-4561
Heap-based buffer overflow in the RTSP service in Helix DNA Server before 11.1.4 allows remote attackers to execute arbitrary code via an RSTP command containing multiple Require headers. Desbordamiento de búfer basado en pila en los servicios RTSP en Helix DNA Server anterior a 11.1.4 permite a atacantes remotos ejecutar código de su elección a través de una comando RSTP contieniendo múltiples cabeceras Require. • http://labs.musecurity.com/wp-content/uploads/2007/08/mu-200708-01.txt http://marc.info/?l=full-disclosure&m=118800391412961&w=2 http://secunia.com/advisories/26609 http://securityreason.com/securityalert/3069 http://www.securityfocus.com/bid/25440 http://www.securitytracker.com/id?1018605 http://www.vupen.com/english/advisories/2007/2986 • CWE-20: Improper Input Validation CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2006-3276
https://notcve.org/view.php?id=CVE-2006-3276
Heap-based buffer overflow in RealNetworks Helix DNA Server 10.0 and 11.0 allows remote attackers to execute arbitrary code via (1) a long User-Agent HTTP header in the RTSP service and (2) unspecified vectors involving the "parsing of HTTP URL schemes". Desbordamiento de búfer basado en memoria dinámica -heap- en RealNetworks Helix DNA Server v10.0 y v11.0 permite a atacantes remotos ejecutar código de su elección a través de (1)una cabecera larga HTTP User-Agent en el servicio RTSP y (2) vectores no especificados que incluyen "parsing of HTTP URL schemes". • http://archives.neohapsis.com/archives/fulldisclosure/2006-06/0600.html http://labs.musecurity.com/advisories/MU-200606-01.txt http://secunia.com/advisories/20784 http://securitytracker.com/id?1016365 http://www.osvdb.org/26799 http://www.securityfocus.com/bid/18606 http://www.vupen.com/english/advisories/2006/2521 https://exchange.xforce.ibmcloud.com/vulnerabilities/27316 https://exchange.xforce.ibmcloud.com/vulnerabilities/27317 •