FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-12-11 14:10:47 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
821afaa2-9e9a-11dc-a7e3-0016360406fa	liveMedia -- DoS vulnerability The live555 development team reports: Fixed a bounds-checking error in "parseRTSPRequestString()" caused by an int vs. unsigned problem. The function which handles the incoming queries from the clients is affected by a vulnerability which allows an attacker to crash the server remotely using the smallest RTSP query possible to use. Discovery 2007-11-20 Entry 2007-12-08 Modified 2007-12-09 liveMedia < 2007.11.18,1 CVE-2007-6036 http://aluigi.altervista.org/adv/live555x-adv.txt http://www.live555.com/liveMedia/public/changelog.txt
fa194483-dabd-11e8-bf39-5404a68ad561	liveMedia -- potential remote code execution Talos reports: An exploitable code execution vulnerability exists in the HTTP packet-parsing functionality of the LIVE555 RTSP server library. A specially crafted packet can cause a stack-based buffer overflow, resulting in code execution. An attacker can send a packet to trigger this vulnerability. Discovery 2018-10-18 Entry 2018-10-28 liveMedia < 2018.10.17,2 CVE-2018-4013 https://talosintelligence.com/vulnerability_reports/TALOS-2018-0684 http://lists.live555.com/pipermail/live-devel/2018-October/021071.html

VuXML ID

Description

821afaa2-9e9a-11dc-a7e3-0016360406fa

liveMedia -- DoS vulnerability

The live555 development team reports:

Fixed a bounds-checking error in "parseRTSPRequestString()" caused by an int vs. unsigned problem.

The function which handles the incoming queries from the clients is affected by a vulnerability which allows an attacker to crash the server remotely using the smallest RTSP query possible to use.

Discovery 2007-11-20
Entry 2007-12-08
Modified 2007-12-09
liveMedia

< 2007.11.18,1

CVE-2007-6036
http://aluigi.altervista.org/adv/live555x-adv.txt
http://www.live555.com/liveMedia/public/changelog.txt

fa194483-dabd-11e8-bf39-5404a68ad561

liveMedia -- potential remote code execution

Talos reports:

An exploitable code execution vulnerability exists in the HTTP packet-parsing functionality of the LIVE555 RTSP server library. A specially crafted packet can cause a stack-based buffer overflow, resulting in code execution. An attacker can send a packet to trigger this vulnerability.

Discovery 2018-10-18
Entry 2018-10-28
liveMedia

< 2018.10.17,2

CVE-2018-4013
https://talosintelligence.com/vulnerability_reports/TALOS-2018-0684
http://lists.live555.com/pipermail/live-devel/2018-October/021071.html