Vulmon
Recent Vulnerabilities
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
By Recent Activity
live555 vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2013-6933
The parseRTSPRequestString function in Live Networks Live555 Streaming Media 2011.08.13 through 2013.11.25, as used in VideoLAN VLC Media Player, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a (1) space or (2) tab character...
7.5
CVSSv2
CVE-2019-6256
A Denial of Service issue was discovered in the LIVE555 Streaming Media libraries as used in Live555 Media Server 0.93. It can cause an RTSPServer crash in handleHTTPCmd_TunnelingPOST, when RTSP-over-HTTP tunneling is supported, via x-sessioncookie HTTP headers in a GET request...
7.5
CVSSv2
CVE-2018-4013
An exploitable code execution vulnerability exists in the HTTP packet-parsing functionality of the LIVE555 RTSP server library version 0.92. A specially crafted packet can cause a stack-based buffer overflow, resulting in code execution. An attacker can send a packet to trigger...
6 Github repositories available
7.5
CVSSv2
CVE-2019-9215
In Live555 before 2019.02.27, malformed headers lead to invalid memory access in the parseAuthorizationHeader function....
1 Github repository available
7.5
CVSSv2
CVE-2020-24027
In Live Networks, Inc., liblivemedia version 20200625, there is a potential buffer overflow bug in the server handling of a RTSP "PLAY" command, when the command specifies seeking by absolute time....
7.5
CVSSv2
CVE-2013-6934
The parseRTSPRequestString function in Live Networks Live555 Streaming Media 2013.11.26, as used in VideoLAN VLC Media Player, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a space character at the beginning of an RTSP...
5
CVSSv2
CVE-2019-7732
In Live555 0.95, a setup packet can cause a memory leak leading to DoS because, when there are multiple instances of a single field (username, realm, nonce, uri, or response), only the last instance can ever be freed....
7.5
CVSSv2
CVE-2019-15232
Live555 before 2019.08.16 has a Use-After-Free because GenericMediaServer::createNewClientSessionWithId can generate the same client session ID in succession, which is mishandled by the MPEG1or2 and Matroska file demultiplexors....
7.1
CVSSv2
CVE-2007-6036
The parseRTSPRequestString function in LIVE555 Media Server 2007.11.01 and earlier allows remote attackers to cause a denial of service (daemon crash) via a short RTSP query, which causes a negative number to be used during memory allocation....
1 EDB exploit available
7.5
CVSSv2
CVE-2019-7314
liblivemedia in Live555 before 2019.02.03 mishandles the termination of an RTSP stream after RTP/RTCP-over-RTSP has been set up, which could lead to a Use-After-Free error that causes the RTSP server to crash (Segmentation fault) or possibly have unspecified other impact....
1 Github repository available
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
remote code execution
enviragallery
CVE-2020-27368
CVE-2021-23926
injection
envira gallery
CVE-2020-6207
CVE-2021-21242
unspecified
CVE-2021-24122
CVE-2021-0212
1
2
NEXT »
Vulmon