Computer Security
[EN] securityvulns.ru no-pyccku


liveMedia integer overflow
Published:23.02.2015
Source:
SecurityVulns ID:14281
Type:library
Threat Level:
5/10
Description:Integer overflow on RTSP parsing.
Affected:LIVENETWORK : Live555 Streaming Media 2011.08
CVE:CVE-2013-6933 (The parseRTSPRequestString function in Live Networks Live555 Streaming Media 2011.08.13 through 2013.11.25, as used in VideoLAN VLC Media Player, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a (1) space or (2) tab character at the beginning of an RTSP message, which triggers an integer underflow, infinite loop, and buffer overflow.)
Original documentdocumentDEBIAN, [SECURITY] [DSA 3156-1] liblivemedia security update (23.02.2015)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod