Published: 11/02/2019 Updated: 12/02/2019
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9
VMScore: 445
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

Vulnerability Summary

In Live555 0.95, there is a buffer overflow via a large integer in a Content-Length HTTP header because handleRequestBytes has an unrestricted memmove.

Vulnerability Trend

Affected Products

Vendor Product Versions
Live555Streaming Media0.95

Vendor Advisories

Debian Bug report logs - #929948 CVE-2019-7733 Package: src:liblivemedia; Maintainer for src:liblivemedia is Debian Multimedia Maintainers <debian-multimedia@listsdebianorg>; Reported by: Moritz Muehlenhoff <jmm@debianorg> Date: Mon, 3 Jun 2019 20:30:01 UTC Severity: important Tags: fixed-upstream, security, upst ...
In Live555 095, a setup packet can cause a memory leak leading to DoS because, when there are multiple instances of a single field (username, realm, nonce, uri, or response), only the last instance can ever be freed ...
Arch Linux Security Advisory ASA-201905-17 ========================================== Severity: Critical Date : 2019-05-31 CVE-ID : CVE-2019-7314 CVE-2019-7733 Package : live-media Type : multiple issues Remote : Yes Link : securityarchlinuxorg/AVG-870 Summary ======= The package live-media before version 20190512-1 is vul ...