Multiple buffer overflows in the RTSP_valid_response_msg function in RTSP_state_machine.c in LScube Feng 0.1.15 and previous versions allow remote malicious users to execute arbitrary code via (1) a long first line of a response, as demonstrated by a long VER line; or (2) a long second line of a response, as demonstrated by a message that follows a RETURN line.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
feng feng |