CyberSec.Space Logo
Back to CVE Browser

CVE-2006-3276

HIGH
7.5
CVSS Severity Score
EPSS Score0.1890%
EPSS Percentile17.13th
PublishedJun 28, 2006
Last ModifiedApr 16, 2026

Vulnerability Description

Heap-based buffer overflow in RealNetworks Helix DNA Server 10.0 and 11.0 allows remote attackers to execute arbitrary code via (1) a long User-Agent HTTP header in the RTSP service and (2) unspecified vectors involving the "parsing of HTTP URL schemes".

Affected Platforms (CPE)

πŸ“¦
Realnetworks

Helix Dna Server

= 10.0
πŸ“¦
Realnetworks

Helix Dna Server

= 11.0

References & Advisories

πŸ”— http://archives.neohapsis.com/archives/fulldisclosure/2006-06/0600.html
πŸ”— http://labs.musecurity.com/advisories/MU-200606-01.txt
πŸ”— http://secunia.com/advisories/20784
πŸ”— http://securitytracker.com/id?1016365
πŸ”— http://www.osvdb.org/26799
πŸ”— http://www.securityfocus.com/bid/18606
πŸ”— http://www.vupen.com/english/advisories/2006/2521
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/27316

Related Vulnerabilities

CVE-2006-602610.0

Heap-based buffer overflow in Real Networks Helix Server and Helix Mobile Server before 11.1.3, and Helix DNA Server 11.0 and 11.1...

CVE-2007-456110.0

Heap-based buffer overflow in the RTSP service in Helix DNA Server before 11.1.4 allows remote attackers to execute arbitrary code...

CVE-2006-610210.0

Integer overflow in the ProcDbeGetVisualInfo function in the DBE extension for X.Org 6.8.2, 6.9.0, 7.0, and 7.1, and XFree86 X ser...

CVE-2006-623510.0

A "stack overwrite" vulnerability in GnuPG (gpg) 1.x before 1.4.6, 2.x before 2.0.2, and 1.9.0 through 1.9.95 allows attackers to ...