Vulnerability in Realnetworks Helix_mobile_server

CVE-2010-4235

Format string vulnerability in RealNetworks Helix Server 12.x, 13.x, and 14.x before 14.2, and Helix Mobile Server 12.x, 13.x, and 14.x before 14.2, allows remote attackers to execute arbitrary code via vectors related to the x-wap-profile…

EPSS: 0.043 (89.1th percentile) — read the EPSS interpretation.

Affected products

Realnetworks Helix_mobile_server — versions 12.0, 13.1.1, 14.0.0
Realnetworks Helix_server — versions 12.0.0, 12.0.1, 13.0.0
N/a — versions n/a

Weakness classification (CWE)

CWE-134 — Use of Externally-Controlled Format String

References

47110 (vdb-entry, x_refsource_BID)
cve@mitre.org (x_refsource_CONFIRM, Vendor Advisory)