RealNetworks Helix Universal Server 9.0.1 and 9.0.2 allows remote attackers to cause a denial of service (crash) via malformed requests that trigger a null dereference, as demonstrated using (1) GET_PARAMETER or (2) DESCRIBE requests.
The product dereferences a pointer that it expects to be valid but is NULL.
Link | Tags |
---|---|
http://secunia.com/advisories/11395 | broken link third party advisory vendor advisory |
http://www.idefense.com/application/poi/display?id=102&type=vulnerabilities | patch vendor advisory exploit third party advisory broken link |
https://exchange.xforce.ibmcloud.com/vulnerabilities/15880 | vdb entry third party advisory |
http://www.securityfocus.com/bid/10157 | exploit vdb entry third party advisory broken link |