CyberSec.Space Logo
Back to CVE Browser

CVE-2007-4561

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.0230%
EPSS Percentile17.27th
PublishedAug 28, 2007
Last ModifiedApr 23, 2026

Vulnerability Description

Heap-based buffer overflow in the RTSP service in Helix DNA Server before 11.1.4 allows remote attackers to execute arbitrary code via an RSTP command containing multiple Require headers.

Affected Platforms (CPE)

πŸ“¦
Realnetworks

Helix Dna Server

= 10.0
πŸ“¦
Realnetworks

Helix Dna Server

= 11.0
πŸ“¦
Realnetworks

Helix Dna Server

= 11.1
πŸ“¦
Realnetworks

Helix Dna Server

= 11.1.2
πŸ“¦
Realnetworks

Helix Dna Server

= 11.1.3

References & Advisories

πŸ”— http://labs.musecurity.com/wp-content/uploads/2007/08/mu-200708-01.txt
πŸ”— http://marc.info/?l=full-disclosure&m=118800391412961&w=2
πŸ”— http://secunia.com/advisories/26609
πŸ”— http://securityreason.com/securityalert/3069
πŸ”— http://www.securityfocus.com/bid/25440
πŸ”— http://www.securitytracker.com/id?1018605
πŸ”— http://www.vupen.com/english/advisories/2007/2986
πŸ”— http://labs.musecurity.com/wp-content/uploads/2007/08/mu-200708-01.txt

Related Vulnerabilities

CVE-2006-602610.0

Heap-based buffer overflow in Real Networks Helix Server and Helix Mobile Server before 11.1.3, and Helix DNA Server 11.0 and 11.1...

CVE-2006-32767.5

Heap-based buffer overflow in RealNetworks Helix DNA Server 10.0 and 11.0 allows remote attackers to execute arbitrary code via (1...

CVE-2007-023610.0

Double free vulnerability in the _ATPsndrsp function in Apple Mac OS X 10.4.8, and possibly other versions, allows remote attacker...

CVE-2007-025410.0

Format string vulnerability in the errors_create_window function in errors.c in xine-ui allows attackers to execute arbitrary code...