What is CVE-2002-1643?

CVE-2002-1643 is a vulnerability in N/a. Published 2005-03-28.

Is CVE-2002-1643 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in N/a

CVE-2002-1643

Multiple buffer overflows in RealNetworks Helix Universal Server 9.0 (9.0.2.768) allow remote attackers to execute arbitrary code via (1) a long Transport field in a SETUP RTSP request, (2) a DESCRIBE RTSP request with a long URL argument…

EPSS: 0.806 (99.2th percentile) — read the EPSS interpretation.

Affected products

N/a — versions n/a

Public proof-of-concept exploits

rapid7/metasploit-framework

References

www.service.real.com/help/faq/security/bufferoverrun12192002.html (x_refsource_CONFIRM)
helix-rtsp-describe-bo(10916) (vdb-entry, x_refsource_XF)
VU#974689 (x_refsource_CERT-VN, third-party-advisory)
20021220 RealNetworks HELIX Server Buffer Overflow Vulnerabilities (#NISR20122002) (mailing-list, x_refsource_BUGTRAQ)
helix-rtsp-setup-bo(10915) (vdb-entry, x_refsource_XF)
6454 (vdb-entry, x_refsource_BID)
6456 (vdb-entry, x_refsource_BID)
6458 (vdb-entry, x_refsource_BID)
www.nextgenss.com/advisories/realhelix.txt (x_refsource_MISC)
helix-http-get-bo(10917) (vdb-entry, x_refsource_XF)

Frequently asked questions

What is CVE-2002-1643?: CVE-2002-1643 is a vulnerability in N/a. Published 2005-03-28.
Is CVE-2002-1643 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.