CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2021-41396
https://notcve.org/view.php?id=CVE-2021-41396
11 Jul 2022 — Live555 through 1.08 does not handle socket connections properly. A huge number of incoming socket connections in a short time invokes the error-handling module, in which a heap-based buffer overflow happens. An attacker can leverage this to launch a DoS attack. Live555 versiones hasta 1.08, no maneja apropiadamente las conexiones de socket. Un gran número de conexiones de socket entrantes en poco tiempo invoca el módulo de administración de errores, en el que se produce un desbordamiento de búfer en la reg... • http://lists.live555.com/pipermail/live-devel/2021-September/021994.html • CWE-787: Out-of-bounds Write •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2021-39282 – Gentoo Linux Security Advisory 202407-23
https://notcve.org/view.php?id=CVE-2021-39282
18 Aug 2021 — Live555 through 1.08 has a memory leak in AC3AudioStreamParser for AC3 files. Live555 versiones hasta 1.08, presenta una pérdida de memoria en la función AC3AudioStreamParser para archivos AC3. Multiple vulnerabilities have been discovered in LIVE555 Media Server, the worst of which could lead to a denial of service. Versions greater than or equal to 2021.08.24 are affected. • http://lists.live555.com/pipermail/live-devel/2021-August/021970.html • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2021-39283 – Gentoo Linux Security Advisory 202407-23
https://notcve.org/view.php?id=CVE-2021-39283
18 Aug 2021 — liveMedia/FramedSource.cpp in Live555 through 1.08 allows an assertion failure and application exit via multiple SETUP and PLAY commands. El archivo liveMedia/FramedSource.cpp en Live555 versiones hasta 1.08, permite un fallo de aserción y la salida de la aplicación por medio de múltiples comandos SETUP y PLAY. Multiple vulnerabilities have been discovered in LIVE555 Media Server, the worst of which could lead to a denial of service. Versions greater than or equal to 2021.08.24 are affected. • http://lists.live555.com/pipermail/live-devel/2021-August/021969.html • CWE-617: Reachable Assertion •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2021-38380 – Gentoo Linux Security Advisory 202407-23
https://notcve.org/view.php?id=CVE-2021-38380
10 Aug 2021 — Live555 through 1.08 mishandles huge requests for the same MP3 stream, leading to recursion and s stack-based buffer over-read. An attacker can leverage this to launch a DoS attack. Live555 versiones hasta 1.08, no maneja apropiadamente grandes peticiones para el mismo flujo de MP3, conllevando a una recursión y una lectura excesiva del búfer en la región stack de la memoria. Un atacante puede aprovechar esto para lanzar un ataque DoS Multiple vulnerabilities have been discovered in LIVE555 Media Server, th... • http://lists.live555.com/pipermail/live-devel/2021-August/021954.html • CWE-125: Out-of-bounds Read •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1CVE-2021-38381 – Gentoo Linux Security Advisory 202407-23
https://notcve.org/view.php?id=CVE-2021-38381
10 Aug 2021 — Live555 through 1.08 does not handle MPEG-1 or 2 files properly. Sending two successive RTSP SETUP commands for the same track causes a Use-After-Free and daemon crash. Live555 versiones hasta 1.08, no maneja apropiadamente los archivos MPEG-1 o 2. El envío de dos comandos RTSP SETUP sucesivos para la misma pista provoca un Uso de la Memoria previamente Liberada y un bloqueo del demonio Multiple vulnerabilities have been discovered in LIVE555 Media Server, the worst of which could lead to a denial of servic... • http://lists.live555.com/pipermail/live-devel/2021-August/021961.html • CWE-416: Use After Free •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1CVE-2021-38382 – Gentoo Linux Security Advisory 202407-23
https://notcve.org/view.php?id=CVE-2021-38382
10 Aug 2021 — Live555 through 1.08 does not handle Matroska and Ogg files properly. Sending two successive RTSP SETUP commands for the same track causes a Use-After-Free and daemon crash. Live555 versiones hasta 1.08, no maneja apropiadamente los archivos Matroska y Ogg. El envío de dos comandos RTSP SETUP sucesivos para la misma pista causa un Uso de la Memoria previamente Liberada y un bloqueo del demonio Multiple vulnerabilities have been discovered in LIVE555 Media Server, the worst of which could lead to a denial of... • http://lists.live555.com/pipermail/live-devel/2021-August/021959.html • CWE-416: Use After Free •