CVE-2012-1923
published 2012-04-17CVE-2012-1923: RealNetworks Helix Server and Helix Mobile Server 14.x before 14.3.x store passwords in cleartext under adm_b_db\users\, which allows local users to obtain…
PriorityP422low2.1CVSS 2.0
AVLACLAuNCPINAN
EPSS
38.25%
98.4th percentile
RealNetworks Helix Server and Helix Mobile Server 14.x before 14.3.x store passwords in cleartext under adm_b_db\users\, which allows local users to obtain sensitive information by reading a database.
Affected
6 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| realnetworks | helix_mobile_server | — | — |
| realnetworks | helix_mobile_server | — | — |
| realnetworks | helix_server | — | — |
| realnetworks | helix_server | — | — |
| realnetworks | helix_server | — | — |
| realnetworks | helix_server | — | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-mpph-x5fm-mpvj: RealNetworks Helix Server and Helix Mobile Server 14
ghsa_unreviewed·2022-05-14
CVE-2012-1923 [LOW] GHSA-mpph-x5fm-mpvj: RealNetworks Helix Server and Helix Mobile Server 14
RealNetworks Helix Server and Helix Mobile Server 14.x before 14.3.x store passwords in cleartext under adm_b_db\users\, which allows local users to obtain sensitive information by reading a database.
GHSA
GHSA-c8w6-3qfg-vcm5: master
ghsa_unreviewed·2022-05-14·CVSS 2.1
CVE-2012-2268 [LOW] CWE-20 GHSA-c8w6-3qfg-vcm5: master
master.exe in the SNMP Master Agent in RealNetworks Helix Server and Helix Mobile Server 14.x before 14.3.x allows remote attackers to cause a denial of service (unhandled exception and daemon crash) via a crafted Open-PDU request that triggers incorrect DisplayString processing, a different vulnerability than CVE-2012-1923.
GHSA
GHSA-3hm9-jjjg-c87v: master
ghsa_unreviewed·2022-05-14·CVSS 2.1
CVE-2012-2267 [LOW] GHSA-3hm9-jjjg-c87v: master
master.exe in the SNMP Master Agent in RealNetworks Helix Server and Helix Mobile Server 14.x before 14.3.x allows remote attackers to cause a denial of service (daemon crash) by establishing and closing a port-705 TCP connection, a different vulnerability than CVE-2012-1923.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
http://archives.neohapsis.com/archives/bugtraq/2012-04/0062.htmlhttp://helixproducts.real.com/docs/security/SecurityUpdate04022012HS.pdfhttp://secunia.com/secunia_research/2012-8/http://www.securityfocus.com/bid/52929http://www.securitytracker.com/id?1026898https://exchange.xforce.ibmcloud.com/vulnerabilities/74673http://archives.neohapsis.com/archives/bugtraq/2012-04/0062.htmlhttp://helixproducts.real.com/docs/security/SecurityUpdate04022012HS.pdfhttp://secunia.com/secunia_research/2012-8/http://www.securityfocus.com/bid/52929http://www.securitytracker.com/id?1026898https://exchange.xforce.ibmcloud.com/vulnerabilities/74673
2012-04-17
Published