CVSS: 9.8EPSS: 0%CPEs: 3EXPL: 1CVE-2019-6256 – Gentoo Linux Security Advisory 202005-06
https://notcve.org/view.php?id=CVE-2019-6256
14 Jan 2019 — A Denial of Service issue was discovered in the LIVE555 Streaming Media libraries as used in Live555 Media Server 0.93. It can cause an RTSPServer crash in handleHTTPCmd_TunnelingPOST, when RTSP-over-HTTP tunneling is supported, via x-sessioncookie HTTP headers in a GET request and a POST request within the same TCP session. This occurs because of a call to an incorrect virtual function pointer in the readSocket function in GroupsockHelper.cpp. Se ha descubierto una denegación de servicio (DoS) en las libre... • https://github.com/rgaufman/live555/issues/19 • CWE-755: Improper Handling of Exceptional Conditions •
CVSS: 10.0EPSS: 39%CPEs: 3EXPL: 3CVE-2018-4013 – Gentoo Linux Security Advisory 202005-06
https://notcve.org/view.php?id=CVE-2018-4013
19 Oct 2018 — An exploitable code execution vulnerability exists in the HTTP packet-parsing functionality of the LIVE555 RTSP server library version 0.92. A specially crafted packet can cause a stack-based buffer overflow, resulting in code execution. An attacker can send a packet to trigger this vulnerability. Existe una vulnerabilidad explotable de ejecución de código en la funcionalidad HTTP packet-parsing de la biblioteca del servidor LIVE555 RTSP en su versión 0.92. Un paquete especialmente manipulado puede provocar... • https://github.com/DoubleMice/cve-2018-4013 • CWE-787: Out-of-bounds Write •