This page lists publicly disclosed CVE vulnerabilities affecting realnetworks helix_universal_server (linked via NVD CPE). Each row includes severity scores, summaries, and publication dates to help identify and analyze security issues.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2004-0774 | RealNetworks Helix Universal Server 9.0.2 for Linux and 9.0.3 for Windows allows remote attackers to cause a denial of service (CPU and memory exhaustion) via a POST request with a Content-Length header set to -1. | [email protected] | 7.8 | 1.92% | 2004-11-03 | 2026-06-16 |
| CVE-2004-0389 | RealNetworks Helix Universal Server 9.0.1 and 9.0.2 allows remote attackers to cause a denial of service (crash) via malformed requests that trigger a null dereference, as demonstrated using (1) GET_PARAMETER or (2) DESCRIBE requests. | [email protected] | 7.5 | 52.49% | 2004-06-01 | 2026-06-16 |
| CVE-2004-0049 | Helix Universal Server/Proxy 9 and Mobile Server 10 allow remote attackers to cause a denial of service via certain HTTP POST messages to the Administration System port. | [email protected] | 6.8 | 1.47% | 2004-02-17 | 2026-06-16 |
| CVE-2003-0725 | Buffer overflow in the RTSP protocol parser for the View Source plug-in (vsrcplin.so or vsrcplin3260.dll) for RealNetworks Helix Universal Server 9 and RealSystem Server 8, 7 and RealServer G2 allows remote attackers to execute arbitrary code. | [email protected] | 7.5 | 51.25% | 2003-10-20 | 2026-06-16 |
| CVE-2002-1643 | Multiple buffer overflows in RealNetworks Helix Universal Server 9.0 (9.0.2.768) allow remote attackers to execute arbitrary code via (1) a long Transport field in a SETUP RTSP request, (2) a DESCRIBE RTSP request with a long URL argument, or (3) two simultaneous HTTP GET requests with long arguments. | [email protected] | 7.5 | 74.32% | 2002-12-19 | 2026-06-16 |