FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-03-28 15:43:32 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
821afaa2-9e9a-11dc-a7e3-0016360406faliveMedia -- DoS vulnerability

The live555 development team reports:

Fixed a bounds-checking error in "parseRTSPRequestString()" caused by an int vs. unsigned problem.

The function which handles the incoming queries from the clients is affected by a vulnerability which allows an attacker to crash the server remotely using the smallest RTSP query possible to use.


Discovery 2007-11-20
Entry 2007-12-08
Modified 2007-12-09
liveMedia
< 2007.11.18,1

CVE-2007-6036
http://aluigi.altervista.org/adv/live555x-adv.txt
http://www.live555.com/liveMedia/public/changelog.txt
fa194483-dabd-11e8-bf39-5404a68ad561liveMedia -- potential remote code execution

Talos reports:

An exploitable code execution vulnerability exists in the HTTP packet-parsing functionality of the LIVE555 RTSP server library. A specially crafted packet can cause a stack-based buffer overflow, resulting in code execution. An attacker can send a packet to trigger this vulnerability.


Discovery 2018-10-18
Entry 2018-10-28
liveMedia
< 2018.10.17,2

CVE-2018-4013
https://talosintelligence.com/vulnerability_reports/TALOS-2018-0684
http://lists.live555.com/pipermail/live-devel/2018-October/021071.html