Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-1985


Vulnerability Score 6.8 6.8
CVE Id CVE-2012-1985
Last Modified 13 Aug 2012 11:36:53
Published 17 Apr 2012 12:26:08
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE



Cross-site request forgery (CSRF) vulnerability in RealNetworks Helix Server and Helix Mobile Server 14.x before 14.3.x allows remote attackers to hijack the authentication of administrators for requests that cause a denial of service (stack consumption and daemon crash) via a malformed URL.

Vulnerable Systems


  • Realnetworks Helix Mobile Server 14.0.0

  • Realnetworks Helix Mobile Server 14.0.1

  • Realnetworks Helix Server 14.0.0

  • Realnetworks Helix Server 14.0.1

  • Realnetworks Helix Server 14.2

  • Realnetworks Helix Server



BID - 52929

Last Updated: 27 May 2016 10:58:24