Unrated severityNVD Advisory· Published Nov 21, 2006· Updated Apr 23, 2026
CVE-2006-6026
CVE-2006-6026
Description
Heap-based buffer overflow in Real Networks Helix Server and Helix Mobile Server before 11.1.3, and Helix DNA Server 11.0 and 11.1, allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via a DESCRIBE request that contains an invalid LoadTestPassword field.
Affected products
6cpe:2.3:a:realnetworks:helix_dna_server:11.0:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:realnetworks:helix_dna_server:11.0:*:*:*:*:*:*:*
- cpe:2.3:a:realnetworks:helix_dna_server:11.1:*:*:*:*:*:*:*
- cpe:2.3:a:realnetworks:helix_mobile_server:*:*:*:*:*:*:*:*Range: <=11.1.2
cpe:2.3:a:realnetworks:helix_server:*:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:a:realnetworks:helix_server:*:*:*:*:*:*:*:*range: <=11.1.2
- cpe:2.3:a:realnetworks:helix_server:11.0:*:*:*:*:*:*:*
- cpe:2.3:a:realnetworks:helix_server:11.1:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
12- secunia.com/advisories/22944nvdVendor Advisory
- www.vupen.com/english/advisories/2007/1056nvdVendor Advisory
- docs.real.com/docs/security/SecurityUpdate032107Server.pdfnvd
- gleg.net/helix.txtnvd
- lists.helixcommunity.org/pipermail/server-cvs/2007-January/003783.htmlnvd
- web.archive.org/web/20060502082622/www.gleg.net/vulndisco_pack_professional.shtmlnvd
- www.attrition.org/pipermail/vim/2007-March/001459.htmlnvd
- www.attrition.org/pipermail/vim/2007-March/001468.htmlnvd
- www.securityfocus.com/archive/1/463333/100/0/threadednvd
- www.securityfocus.com/bid/21141nvd
- www.securityfocus.com/bid/23068nvd
- www.exploit-db.com/exploits/3531nvd
News mentions
0No linked articles in our index yet.