CVE-2010-1317 – Realnetworks Helix Server NTLM Authentication Invalid Base64 Remote Code Execution Vulnerability

https://notcve.org/view.php?id=CVE-2010-1317

Heap-based buffer overflow in the NTLM authentication functionality in RealNetworks Helix Server and Helix Mobile Server 11.x, 12.x, and 13.x allows remote attackers to have an unspecified impact via invalid base64-encoded data. Desbordamiento de búfer basado en pila en la funcionalidad de autenticación en RealNetworks Helix Server y Helix Mobile Server v11.x, v12.x, y v13.x, permite a atacantes remotos tener un impacto inesperado a través de un dato base64-encodec inválido. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of RealNetworks Helix Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the authentication provided by the administrative web interface and is only present if it is configured to use NTLM. The vulnerability can be triggered by specifying invalid Base64 string within the Authorization header. • http://secunia.com/advisories/39279 http://www.realnetworks.com/uploadedFiles/Support/helix-support/SecurityUpdate041410HS.pdf http://www.securityfocus.com/bid/39490 http://www.vupen.com/english/advisories/2010/0889 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •