6 matches found
[SECURITY] [DSA 3156-1] liblivemedia security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3156-1 [email protected] http://www.debian.org/security/ Alessandro Ghedini February 07, 2015 http://www.debian.org/security/faq -...
VLC Media Player RTSP Plugin Stack Buffer Overflow (CVE-2013-6933)
A stack buffer overflow exists in VideoLAN VLC Media Player. The vulnerability is due an error in VLC's embedded Live555 RTSP library, when handling RTSP requests. Incorrect handling of RTSP commands can result in a stack buffer overflow. A remote unauthenticated attacker could exploit this...
VLC 2.x < 2.1.2 parseRTSPRequestString Function RTSP Command Parsing Overflow
The version of VLC media player installed on the remote host is earlier than 2.1.2. As such, it reportedly includes a version of Live Networks' Live555 Streaming Media library earlier than 2013.11.29. A buffer overflow vulnerability in the 'parseRTSPRequestString' function in that library exists...
CVE-2013-6933
The parseRTSPRequestString function in Live Networks Live555 Streaming Media 2011.08.13 through 2013.11.25, as used in VideoLAN VLC Media Player, allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a 1 space or 2 tab character at the beginning of an...
Integer overflow
The parseRTSPRequestString function in Live Networks Live555 Streaming Media 2013.11.26, as used in VideoLAN VLC Media Player, allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a space character at the beginning of an RTSP message, which triggers a...
CVE-2013-6933
CVE-2013-6933 affects the Live555 Streaming Media library (used by VideoLAN VLC) where RTSP messages starting with whitespace [single space or tab] trigger an integer underflow, an infinite loop, and a buffer overflow in parseRTSPRequestString. This can lead to a crash or arbitrary code execution...