liveMedia -- potential remote code execution

2018-10-18T00:00:00
ID FA194483-DABD-11E8-BF39-5404A68AD561
Type freebsd
Reporter FreeBSD
Modified 2018-10-18T00:00:00

Description

Talos reports:

An exploitable code execution vulnerability exists in the HTTP packet-parsing functionality of the LIVE555 RTSP server library. A specially crafted packet can cause a stack-based buffer overflow, resulting in code execution. An attacker can send a packet to trigger this vulnerability.