3 matches found
VLC 2.x < 2.1.2 parseRTSPRequestString Function RTSP Command Parsing Overflow
The version of VLC media player installed on the remote host is earlier than 2.1.2. As such, it reportedly includes a version of Live Networks' Live555 Streaming Media library earlier than 2013.11.29. A buffer overflow vulnerability in the 'parseRTSPRequestString' function in that library exists...
CVE-2013-6934
CVE-2013-6934 affects VLC Media Player via the Live555 liblivemedia RTSP implementation. The issue arises in parseRTSPRequestString: a space at the beginning of an RTSP message can trigger an integer underflow, an infinite loop, and a buffer overflow, potentially crashing the application or enabl...
CVE-2013-6934
The parseRTSPRequestString function in Live Networks Live555 Streaming Media 2013.11.26, as used in VideoLAN VLC Media Player, allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a space character at the beginning of an RTSP message, which triggers a...