CVE-2012-1923

Published: Apr 17, 2012Modified: Apr 29, 2026

2.1

Vector

AV:L/AC:L/Au:N/C:P/I:N/A:N

Exploitability: 3.9 / Impact: 2.9

Source: NVD

Description

RealNetworks Helix Server and Helix Mobile Server 14.x before 14.3.x store passwords in cleartext under adm_b_db\users\, which allows local users to obtain sensitive information by reading a database.

Affected (6)

Products: Realnetworks: Helix Server, Helix Mobile Server

2 products

Helix Mobile Server

Configuration A

4 vulnerable

Vulnerable Software	Affected Versions
Realnetworks Helix Server	Version 14.0.0
Realnetworks Helix Server	Version 14.0.1
Realnetworks Helix Server	Version 14.2.0.212
Realnetworks Helix Server	Version 14.2

Configuration B

2 vulnerable

Vulnerable Software	Affected Versions
Realnetworks Helix Mobile Server	Version 14.0.0
Realnetworks Helix Mobile Server	Version 14.0.1

Related CWEs

References (12)

http://archives.neohapsis.com/archives/bugtraq/2012-04/0062.html

Source: cve@mitre.org

http://helixproducts.real.com/docs/security/SecurityUpdate04022012HS.pdf

Source: cve@mitre.org

Vendor Advisory

http://secunia.com/secunia_research/2012-8/

Source: cve@mitre.org

http://www.securityfocus.com/bid/52929

Source: cve@mitre.org

http://www.securitytracker.com/id?1026898

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/74673

Source: cve@mitre.org

http://archives.neohapsis.com/archives/bugtraq/2012-04/0062.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://helixproducts.real.com/docs/security/SecurityUpdate04022012HS.pdf

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://secunia.com/secunia_research/2012-8/

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/52929

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securitytracker.com/id?1026898

Source: af854a3a-2127-422b-91ae-364da2661108

https://exchange.xforce.ibmcloud.com/vulnerabilities/74673

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.