cpe:/a:realnetworks:helix_server:11.0 cpe:/a:realnetworks:helix_server:12.0.0 cpe:/a:realnetworks:helix_server_mobile:11.0 cpe:/a:realnetworks:helix_server_mobile:12.0.0 CVE-2008-5911 2009-01-20T11:00:00.203-05:00 2011-03-07T22:15:24.907-05:00 10.0 NETWORK LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov 2009-01-20T11:46:00.000-05:00 SECTRACK 1021498 SECTRACK 1021499 SECTRACK 1021500 SECTRACK 1021501 SECUNIA 33360 VUPEN ADV-2008-3521 CONFIRM http://docs.real.com/docs/security/SecurityUpdate121508HS.pdf Multiple buffer overflows in RealNetworks Helix Server and Helix Mobile Server 11.x before 11.1.8 and 12.x before 12.0.1 allow remote attackers to (1) cause a denial of service via three crafted RTSP SETUP commands, or execute arbitrary code via (2) an NTLM authentication request with malformed base64-encoded data, (3) an RTSP DESCRIBE command, or (4) a DataConvertBuffer request.