Home
Bugtraq
Full List
Only Bugs
Only Tricks
Only Exploits
Only Dorks
Only CVE
Only CWE
Fake Notes
Ranking
CVEMAP
Full List
Show Vendors
Show Products
CWE Dictionary
Check CVE Id
Check CWE Id
Search
Bugtraq
CVEMAP
By author
CVE Id
CWE Id
By vendors
By products
RSS
Bugtraq
CVEMAP
CVE Products
Bugs
Exploits
Dorks
More
cIFrex
Facebook
Twitter
Donate
About
Submit
Vulnerabilities for
'Streaming media'
2019-08-19
CVE-2019-15232
CWE-416
Live555 before 2019.08.16 has a Use-After-Free because GenericMediaServer::createNewClientSessionWithId can generate the same client session ID in succession, which is mishandled by the MPEG1or2 and Matroska file demultiplexors.
2019-02-27
CVE-2019-9215
CWE-20
In Live555 before 2019.02.27, malformed headers lead to invalid memory access in the parseAuthorizationHeader function.
2019-02-11
CVE-2019-7733
CWE-190
In Live555 0.95, there is a buffer overflow via a large integer in a Content-Length HTTP header because handleRequestBytes has an unrestricted memmove.
CVE-2019-7732
CWE-399
In Live555 0.95, a setup packet can cause a memory leak leading to DoS because, when there are multiple instances of a single field (username, realm, nonce, uri, or response), only the last instance can ever be freed.
2019-02-03
CVE-2019-7314
CWE-416
liblivemedia in Live555 before 2019.02.03 mishandles the termination of an RTSP stream after RTP/RTCP-over-RTSP has been set up, which could lead to a Use-After-Free error that causes the RTSP server to crash (Segmentation fault) or possibly have unspecified other impact.
2014-01-23
CVE-2013-6934
CWE-189
The parseRTSPRequestString function in Live Networks Live555 Streaming Media 2013.11.26, as used in VideoLAN VLC Media Player, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a space character at the beginning of an RTSP message, which triggers an integer underflow, infinite loop, and buffer overflow. NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-6933.
CVE-2013-6933
CWE-189
The parseRTSPRequestString function in Live Networks Live555 Streaming Media 2011.08.13 through 2013.11.25, as used in VideoLAN VLC Media Player, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a (1) space or (2) tab character at the beginning of an RTSP message, which triggers an integer underflow, infinite loop, and buffer overflow.
>>>
Vendor:
Live555
5
Products
Media server
Streaming media
Live555 media server
Liblivemedia
Live555
Copyright
2024
, cxsecurity.com
Back to Top
Vulnerabilities for 'Streaming media' 