11 matches found
EUVD-2013-6735
Malware in sbrugna...
Denial Of Service (DoS)
openzeppelincairocontracts is vulnerable to denial of service. The vulnerability exists because the account signature implementation is not handled properly, which renders account contracts unusable on live networks, causing an application crash...
Design/Logic Flaw
OpenZeppelin Contracts for Cairo is a library for contract development written in Cairo for StarkNet, a decentralized ZK Rollup. Version 0.2.0 is vulnerable to an error that renders account contracts unusable on live networks. This issue affects all accounts (vanilla and ethereum flavors) in the...
CVE-2022-31153 OpenZeppelin Contracts for Cairo account cannot process transactions on Goerli
OpenZeppelin Contracts for Cairo is a library for contract development written in Cairo for StarkNet, a decentralized ZK Rollup. Version 0.2.0 is vulnerable to an error that renders account contracts unusable on live networks. This issue affects all accounts (vanilla and ethereum flavors) in the...
CVE-2020-24027
CVE-2020-24027 concerns a potential buffer overflow in Live Networks, Inc.’s liblivemedia (version 20200625) when handling an RTSP “PLAY” command that specifies seeking by absolute time. The connected sources confirm the affected component and the root cause is a buffer overflow in the RTSP serve...
Critical RCE Bug Impacts Streaming Server Libraries: VLC, MPLayer Not Impacted
A critical remote code-execution bug has been found in the popular Live Networks LIVE555’s streaming media RTSPServer. The vulnerability could allow an attacker to send a specially crafted packet to vulnerable systems and trigger a stack-based buffer overflow, according to researchers at Cisco...
Critical Code Execution Flaw Found in LIVE555 Streaming Library
Security researchers have discovered a serious code execution vulnerability in the LIVE555 streaming media library—which is being used by popular media players, along with a number of embedded devices capable of streaming media. LIVE555 streaming media, developed and maintained by Live Networks, ...
Live Networks LIVE555 streaming media RTSPServer lookForHeader code execution vulnerability
Summary: An exploitable code execution vulnerability exists in the HTTP packet-parsing functionality of the LIVE555 RTSP server library. A specially crafted packet can cause a stack-based buffer overflow, resulting in code execution. An attacker can send a packet to trigger this vulnerability...
VLC 2.x < 2.1.2 parseRTSPRequestString Function RTSP Command Parsing Overflow
The version of VLC media player installed on the remote host is earlier than 2.1.2. As such, it reportedly includes a version of Live Networks' Live555 Streaming Media library earlier than 2013.11.29. A buffer overflow vulnerability in the 'parseRTSPRequestString' function in that library exists...
CVE-2013-6933
CVE-2013-6933 affects the Live555 Streaming Media library (used by VideoLAN VLC) where RTSP messages starting with whitespace [single space or tab] trigger an integer underflow, an infinite loop, and a buffer overflow in parseRTSPRequestString. This can lead to a crash or arbitrary code execution...
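LIVE555 Media Server ParseRTSPRequestString Remote Denial of Service Vulnerability
BUGTRAQ ID: 26488. LIVE555 Media Server is an RTSP server program that provides streaming services for various media files. LIVE555 Media Server has a vulnerability in its handling of malformed request data, which a remote attacker may exploit to make the server unavailable. The parseRTSPRequestString function of LIVE555 Media Server does not check whether the amount of client data (reqStrSize) is greater than or equal to 8 bytes. Because the function uses unsigned numbers, 7 - 8 is not -1 but 4294967295, which causes it to run past the end of the allocated memory and crash. The following is the vulnerable code in the liveMedia/RTSPCommon file: Boolean...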