Published: 11/02/2019 Updated: 12/02/2019
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9

Vulnerability Summary

Live Networks LIVE555 Media Server handleRequestBytes Buffer Overflow Vulnerability

In Live555 0.95, there is a buffer overflow via a large integer in a Content-Length HTTP header because handleRequestBytes has an unrestricted memmove.

A vulnerability in the LIVE555 Media Server could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on a targeted system. The vulnerability is due to a buffer overflow condition in the handleRequestBytes function of the affected software. An attacker could exploit the vulnerability by sending a malicious HTTP packet to a targeted system. A successful exploit could cause the targeted system to crash, resulting in a DoS condition. Proof-of-concept (PoC) code that demonstrates an exploit of this vulnerability is publicly available. Live Networks has confirmed the vulnerability; however, software updates are not available.

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Access Complexity: LOW
Authentication: NONE
Access Vector: NETWORK
Confidentiality Impact: NONE
Integrity Impact: NONE
Availability Impact: PARTIAL

Vulnerability Trend

Affected Products

Vendor Product Versions
Live555Streaming Media0.95

Vendor Advisories

In Live555 095, a setup packet can cause a memory leak leading to DoS because, when there are multiple instances of a single field (username, realm, nonce, uri, or response), only the last instance can ever be freed ...