117 matches found
wireshark: RTSP dissector crash (wnpa-sec-2014-17)
Off-by-one error in the isrtsprequestorreply function in epan/dissectors/packet-rtsp.c in the RTSP dissector in Wireshark 1.10.x before 1.10.10 and 1.12.x before 1.12.1 allows remote attackers to cause a denial of service application crash via a crafted packet that triggers parsing of a token...
Apple Streaming Protocol Client
Binary data 8233.prm...
rtsp-methods NSE Script
Determines which methods are supported by the RTSP real time streaming protocol server. Script Arguments rtsp-methods.path the path to query, defaults to "" which queries the server itself, rather than a specific url. Example Usage nmap -p 554 --script rtsp-methods Script Output PORT STATE SERVIC...
Design/Logic Flaw
Use-after-free vulnerability in the Media Player Network Sharing Service in Microsoft Windows Vista SP1 and SP2 and Windows 7 allows remote attackers to execute arbitrary code via a crafted Real Time Streaming Protocol RTSP packet, aka "RTSP Use After Free Vulnerability."...
CVE-2010-3225
Use-after-free vulnerability in the Media Player Network Sharing Service in Microsoft Windows Vista SP1 and SP2 and Windows 7 allows remote attackers to execute arbitrary code via a crafted Real Time Streaming Protocol RTSP packet, aka "RTSP Use After Free Vulnerability."...
Microsoft Windows Media Player Network Sharing Remote Code Execution Vulnerability (2281679)
This host is missing a critical security update according to Microsoft Bulletin MS10-075. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
MS10-075: Vulnerability in Media Player Network Sharing Service Could Allow Remote Code Execution (2281679)
A use-after-free vulnerability exists in the Microsoft Windows Media Player Network Sharing Service installed on the remote host. By sending a specially crafted Real Time Streaming Protocol RTSP packet to the affected service, a remote attacker may be able to leverage this vulnerability to execut...
PT-2010-4662 · Microsoft · Windows Media Player +1
Name of the Vulnerable Software and Affected Versions: Microsoft Windows Media Player Network Sharing Service versions prior to the fixed version Description: A use-after-free issue in the Media Player Network Sharing Service allows remote attackers to execute arbitrary code via a crafted Real Ti...
VulnCheck KEV: CVE-2007-6166
Stack-based buffer overflow in Apple QuickTime before 7.3.1, as used in QuickTime Player on Windows XP and Safari on Mac OS X, allows remote Real Time Streaming Protocol RTSP servers to execute arbitrary code via an RTSP response with a long Content-Type header...
Nullsoft WinAmp Ultravox ultravox-max-msg Header Buffer Overflow (CVE-2006-5567)
NullSoft Winamp is a multimedia player that is capable of playing many formats of audio and video files and streaming protocols. Winamp supports the Ultravox media streaming format, a proprietary streaming media protocol developed by AOL. Ultravox or Ultravox Media On Demand Server UltraMODS is...
Integer overflow
Uncontrolled array index in the sdpplinparse function in stream/realrtsp/sdpplin.c in MPlayer 1.0 rc2 allows remote attackers to overwrite memory and execute arbitrary code via a large streamid SDP parameter. NOTE: this issue has been referred to as an integer overflow...
Apple QuickTime RTSP Response message Reason-Phrase buffer overflow vulnerability
Overview Apple QuickTime contains a buffer overflow vulnerability that may allow a remote, unauthenticated attacker to cause a denial-of-service condition and possibly execute arbitrary code. Description Real Time Streaming Protocol RTSP is a protocol that is used by streaming media systems. Appl...
VideoLAN VLC Media Player 0.86 < 0.86d - ActiveX Remote Bad Pointer Initialization
var mm = null; if target != null var param1 = unescape"%u0505%u0505"; var salame = "defaultV"; var salame2 = 1; var salame3 = 0; ag = unescape"%uCCCC%uCCCC"; sh = unescape"%u9090%u9090%u9090%u9090%u9090%u9090%u9090%u90...
Apple QuickTime RTSP Content-Type header stack buffer overflow
Overview Apple QuickTime contains a stack buffer overflow vulnerability that may allow a remote, unauthenticated attacker to execute arbitrary code or cause a denial-of-service condition. Description Real Time Streaming Protocol RTSP is a protocol that is used by streaming media systems. The Appl...
xine-lib buffer overflow
Buffer overflow on parsing Real streaming protocol...
DEBIAN-CVE-2004-1311
Integer overflow in the realsetupandgetheader function in real.c for Unix MPlayer 1.0pre5 allows remote attackers to cause a denial of service application crash and possibly execute arbitrary code via a Real RTSP streaming media file with a -1 content-length field, which leads to a heap-based...
CVE-2004-0433
Multiple buffer overflows in the Real-Time Streaming Protocol RTSP client for 1 MPlayer before 1.0pre4 and 2 xine lib xine-lib before 1-rc4, when playing Real RTSP realrtsp streams, allow remote attackers to cause a denial of service crash and possibly execute arbitrary code via a long URLs, b lo...