14 matches found
EUVD-2007-6591
Malware in sbrugna...
EUVD-2007-6593
Malware in sbrugna...
Input validation
Interpretation conflict in LScube Feng 0.1.15 and earlier allows remote attackers to cause a denial of service NULL dereference and daemon crash via a User-Agent header line that contains a carriage-return character, which is considered a line delimiter when the header is split into individual...
CVE-2007-6628
LScube Feng 0.1.15 and earlier allows remote attackers to cause a denial of service NULL dereference and daemon crash via 1 a malformed Transport header, which triggers misparsing in parsetransportheader in RTSPsetup.c, as demonstrated by a Transport header that contains only a...
Buffer overflow
Multiple buffer overflows in the RTSPvalidresponsemsg function in RTSPstatemachine.c in LScube Feng 0.1.15 and earlier allow remote attackers to execute arbitrary code via 1 a long first line of a response, as demonstrated by a long VER line; or 2 a long second line of a response, as demonstrated...
CVE-2007-6629
Interpretation conflict in LScube Feng 0.1.15 and earlier allows remote attackers to cause a denial of service NULL dereference and daemon crash via a User-Agent header line that contains a carriage-return character, which is considered a line delimiter when the header is split into individual...
Cross site request forgery (csrf)
The Urlinit function in utils/url.c in Netembryo 0.0.4, when used by LScube Feng, allows remote attackers to cause a denial of service NULL dereference and daemon crash via a malformed URI containing a "/:" sequence, as demonstrated by a "DESCRIBE /: RTSP/1.0" request...
CVE-2007-6626
Multiple buffer overflows in the RTSPvalidresponsemsg function in RTSPstatemachine.c in LScube Feng 0.1.15 and earlier allow remote attackers to execute arbitrary code via 1 a long first line of a response, as demonstrated by a long VER line; or 2 a long second line of a response, as demonstrated...
CVE-2007-6627
Integer overflow in the RTSPremovemsg function in RTSPlowlevel.c in LScube Feng 0.1.15 and earlier allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via an RTP packet with a size value of 0xffff...
CVE-2007-6629
The CVE-2007-6629 entry concerns LScube Feng 0.1.15 and earlier, where an interpretation conflict in a User-Agent line containing a carriage-return character can trigger a NULL dereference and daemon crash, causing a denial of service. The issue arises because the line-delimiter handling differs ...
CVE-2007-6628
CVE-2007-6628 affects LScube Feng 0.1.15 and earlier. The issue allows remote attackers to cause a denial of service (NULL dereference and daemon crash) via two malformed headers: (1) Transport header triggering misparsing in RTSP_setup.c’s parse_transport_header (example: a header containing onl...
CVE-2007-6626
Multiple buffer overflows in the RTSPvalidresponsemsg function in RTSPstatemachine.c in LScube Feng 0.1.15 and earlier allow remote attackers to execute arbitrary code via 1 a long first line of a response, as demonstrated by a long VER line; or 2 a long second line of a response, as demonstrated...
CVE-2007-6626
CVE-2007-6626 describes multiple buffer overflows in the RTSP_valid_response_msg function of RTSP_state_machine.c in LScube Feng 0.1.15 and earlier, enabling remote attackers to execute arbitrary code via (1) an excessively long first line of a response (VER line) or (2) an excessively long secon...
CVE-2007-6629
Interpretation conflict in LScube Feng 0.1.15 and earlier allows remote attackers to cause a denial of service NULL dereference and daemon crash via a User-Agent header line that contains a carriage-return character, which is considered a line delimiter when the header is split into individual...