This advisory is part of a coordinated release with affected vendors to inform customers of a security issue that may affect their systems. Helix Universal Media Server version 14.3.x
Helix Universal Media Server version 14.2.0.212 and earlier This advisory discusses the following software: Affected Software Issue Referencesįor more information about this issue, see the following references: Reference Recommendation: Review the Suggested Actions section and configure as appropriate. Purpose of Advisory: To notify users of a vulnerability and its remediation. An attacker would have to leverage a cross-site request forgery (csrf) attack in order to trick the administrator into loading a malformed URL.Īdvisory Details Purpose and Recommendation.
#UNIVERSAL MEDIA SERVER SECURITY UPDATE#
For more information about the vulnerability, including information about updates from RealNetworks, see the ApSecurity Update for Helix Server and Helix Mobile Server. The vulnerability has been assigned the entry, CVE-2012-1985, in the Common Vulnerabilities and Exposures list. Microsoft Vulnerability Research reported this issue to and coordinated with RealNetworks to ensure remediation of this issue. Clicking a link that has a malformed URL as an administrative user could cause a denial of service condition in the server process. RealNetworks has remediated the vulnerability in their software.Ī vulnerability exists in the way that the Helix Universal Media Server parses URLs. Microsoft discovered and disclosed the vulnerability under coordinated vulnerability disclosure to the affected vendor, RealNetworks. Microsoft is providing notification of the discovery and remediation of a vulnerability affecting RealNetworks Helix Universal Media Server software version 14.2.0.212 and earlier. In this article Vulnerability in RealNetworks Helix Universal Media Server Could Allow Denial of Service
0 kommentar(er)
