CVE-2006-6026

N/A Unknown

Published: November 21, 2006 Modified: April 23, 2026

Description

Heap-based buffer overflow in Real Networks Helix Server and Helix Mobile Server before 11.1.3, and Helix DNA Server 11.0 and 11.1, allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via a DESCRIBE request that contains an invalid LoadTestPassword field.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

Login to generate AI explanation

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory

http://docs.real.com/docs/security/SecurityUpdate032107Server.pdf

Source: cve@mitre.org

http://gleg.net/helix.txt

Source: cve@mitre.org

http://lists.helixcommunity.org/pipermail/server-cvs/2007-January/003783.html

Source: cve@mitre.org

http://secunia.com/advisories/22944

Source: cve@mitre.org

Vendor Advisory

http://web.archive.org/web/20060502082622/www.gleg.net/vulndisco_pack_professional.shtml

Source: cve@mitre.org

http://www.attrition.org/pipermail/vim/2007-March/001459.html

Source: cve@mitre.org

http://www.attrition.org/pipermail/vim/2007-March/001468.html

Source: cve@mitre.org

http://www.securityfocus.com/archive/1/463333/100/0/threaded

Source: cve@mitre.org

http://www.securityfocus.com/bid/21141

Source: cve@mitre.org

http://www.securityfocus.com/bid/23068

Source: cve@mitre.org

http://www.vupen.com/english/advisories/2007/1056

Source: cve@mitre.org

Vendor Advisory

https://www.exploit-db.com/exploits/3531

Source: cve@mitre.org

http://docs.real.com/docs/security/SecurityUpdate032107Server.pdf

Source: af854a3a-2127-422b-91ae-364da2661108

http://gleg.net/helix.txt

Source: af854a3a-2127-422b-91ae-364da2661108

http://lists.helixcommunity.org/pipermail/server-cvs/2007-January/003783.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/22944

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://web.archive.org/web/20060502082622/www.gleg.net/vulndisco_pack_professional.shtml

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.attrition.org/pipermail/vim/2007-March/001459.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.attrition.org/pipermail/vim/2007-March/001468.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/archive/1/463333/100/0/threaded

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/21141

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/23068

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.vupen.com/english/advisories/2007/1056

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

https://www.exploit-db.com/exploits/3531

Source: af854a3a-2127-422b-91ae-364da2661108

24 reference(s) from NVD

Quick Stats

CVSS v3 Score

N/A / 10.0

EPSS (Exploit Probability)

30.4%

97th percentile

Exploitation Status

Not in CISA KEV

Weaknesses (CWE)

CWE-119

Affected Vendors

realnetworks

Related CVEs

CVE-2026-7581 4.3

CVE-2026-7580 5.3

CVE-2026-7579 7.3

CVE-2026-3772 8.8

CVE-2026-3140 4.3