Vulnerability CVE-2019-7314


Published: 2019-02-03

Description:
liblivemedia in Live555 before 2019.02.03 mishandles the termination of an RTSP stream after RTP/RTCP-over-RTSP has been set up, which could lead to a Use-After-Free error that causes the RTSP server to crash (Segmentation fault) or possibly have unspecified other impact.

Type:

CWE-416

(Use After Free)

Vendor: Debian
Product: Debian linux 
Version: 8.0;
Vendor: Live555
Product: Streaming media 
Version:
2014.01.24
2014.01.21
2014.01.20
2014.01.19
2014.01.18
2014.01.17
2014.01.16
2014.01.15
2014.01.14
2014.01.13
2014.01.11
2014.01.07
2013.12.31
2013.12.29
2013.12.21
2013.12.18
2013.12.17
2013.12.16
2013.12.15
2013.12.05
2013.12.04
2013.12.03
2013.11.29
2013.11.26
2013.11.25
2013.11.15
2013.11.14
2013.11.10
2013.11.06
2013.10.25
2013.10.24
2013.10.22
2013.10.18
2013.10.16
2013.10.11
2013.10.09
2013.10.08
2013.10.07
2013.10.03
2013.10.02
2013.10.01
2013.09.30
2013.09.27
2013.09.18
2013.09.11
2013.09.08
2013.09.07
2013.08.31
2013.08.28
2013.08.16
2013.08.15
2013.08.05
2013.07.31
2013.07.30
2013.07.16
2013.07.03
2013.06.30
2013.06.18
2013.06.14
2013.06.06
2013.05.30
2013.04.30
2013.04.29
2013.04.23
2013.04.22
2013.04.21
2013.04.16
2013.04.08
2013.04.06
2013.04.05
2013.04.04
2013.04.01
2013.03.31
2013.03.23
2013.03.07
2013.02.27
2013.02.11
2013.02.05
2013.01.25
2013.01.23
2013.01.22
2013.01.21
2013.01.19
2013.01.18
2013.01.15
2013.01.05
2013.01.04
2013.01.03
2012.12.24
2012.12.23
2012.12.22
2012.12.21
2012.12.18
2012.12.15
2012.11.30
2012.11.29
2012.11.28
2012.11.22
2012.11.17
See more versions on NVD

CVSS2 => (AV:N/AC:L/Au:N/C:P/I:P/A:P)

CVSS Base Score
Impact Subscore
Exploitability Subscore
7.5/10
6.4/10
10/10
Exploit range
Attack complexity
Authentication
Remote
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Partial
Partial
Partial

 References:
http://lists.live555.com/pipermail/live-devel/2019-February/021143.html
http://www.live555.com/liveMedia/public/changelog.txt
https://lists.debian.org/debian-lts-announce/2019/02/msg00037.html
https://seclists.org/bugtraq/2019/Mar/22
https://www.debian.org/security/2019/dsa-4408

Related CVE
CVE-2019-9215
In Live555 before 2019.02.27, malformed headers lead to invalid memory access in the parseAuthorizationHeader function.
CVE-2019-7733
In Live555 0.95, there is a buffer overflow via a large integer in a Content-Length HTTP header because handleRequestBytes has an unrestricted memmove.
CVE-2019-7732
In Live555 0.95, a setup packet can cause a memory leak leading to DoS because, when there are multiple instances of a single field (username, realm, nonce, uri, or response), only the last instance can ever be freed.
CVE-2019-6256
A Denial of Service issue was discovered in the LIVE555 Streaming Media libraries as used in Live555 Media Server 0.93. It can cause an RTSPServer crash in handleHTTPCmd_TunnelingPOST, when RTSP-over-HTTP tunneling is supported, via x-sessioncookie H...
CVE-2018-4013
An exploitable code execution vulnerability exists in the HTTP packet-parsing functionality of the LIVE555 RTSP server library version 0.92. A specially crafted packet can cause a stack-based buffer overflow, resulting in code execution. An attacker ...
CVE-2013-6934
The parseRTSPRequestString function in Live Networks Live555 Streaming Media 2013.11.26, as used in VideoLAN VLC Media Player, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a space character at t...
CVE-2013-6933
The parseRTSPRequestString function in Live Networks Live555 Streaming Media 2011.08.13 through 2013.11.25, as used in VideoLAN VLC Media Player, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a (...
CVE-2007-6036
The parseRTSPRequestString function in LIVE555 Media Server 2007.11.01 and earlier allows remote attackers to cause a denial of service (daemon crash) via a short RTSP query, which causes a negative number to be used during memory allocation.

Copyright 2019, cxsecurity.com

 

Back to Top