Search CVE reports


Toggle filters

1 – 10 of 18 results


CVE-2023-37117

Medium priority
Needs evaluation

A heap-use-after-free vulnerability was found in live555 version 2023.05.10 while handling the SETUP.

1 affected package

liblivemedia

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
liblivemedia Not in release Not in release Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2021-41396

Medium priority
Needs evaluation

Live555 through 1.08 does not handle socket connections properly. A huge number of incoming socket connections in a short time invokes the error-handling module, in which a heap-based buffer overflow happens. An attacker can...

1 affected package

liblivemedia

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
liblivemedia Not in release Not in release Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2021-39283

Medium priority
Needs evaluation

liveMedia/FramedSource.cpp in Live555 through 1.08 allows an assertion failure and application exit via multiple SETUP and PLAY commands.

1 affected package

liblivemedia

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
liblivemedia Not in release Not in release Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2021-39282

Medium priority
Needs evaluation

Live555 through 1.08 has a memory leak in AC3AudioStreamParser for AC3 files.

1 affected package

liblivemedia

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
liblivemedia Not in release Not in release Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2021-38382

Medium priority
Needs evaluation

Live555 through 1.08 does not handle Matroska and Ogg files properly. Sending two successive RTSP SETUP commands for the same track causes a Use-After-Free and daemon crash.

1 affected package

liblivemedia

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
liblivemedia Not in release Not in release Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2021-38381

Medium priority
Needs evaluation

Live555 through 1.08 does not handle MPEG-1 or 2 files properly. Sending two successive RTSP SETUP commands for the same track causes a Use-After-Free and daemon crash.

1 affected package

liblivemedia

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
liblivemedia Not in release Not in release Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2021-38380

Medium priority
Needs evaluation

Live555 through 1.08 mishandles huge requests for the same MP3 stream, leading to recursion and s stack-based buffer over-read. An attacker can leverage this to launch a DoS attack.

1 affected package

liblivemedia

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
liblivemedia Not in release Not in release Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2021-28899

Medium priority
Needs evaluation

Vulnerability in the AC3AudioFileServerMediaSubsession, ADTSAudioFileServerMediaSubsession, and AMRAudioFileServerMediaSubsessionLive OnDemandServerMediaSubsession subclasses in Networks LIVE555 Streaming Media before 2021.3.16.

1 affected package

liblivemedia

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
liblivemedia Not in release Not in release Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2020-24027

Medium priority
Needs evaluation

In Live Networks, Inc., liblivemedia version 20200625, there is a potential buffer overflow bug in the server handling of a RTSP "PLAY" command, when the command specifies seeking by absolute time.

1 affected package

liblivemedia

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
liblivemedia Not in release Not in release Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2019-15232

Medium priority
Vulnerable

Live555 before 2019.08.16 has a Use-After-Free because GenericMediaServer::createNewClientSessionWithId can generate the same client session ID in succession, which is mishandled by the MPEG1or2 and Matroska file demultiplexors.

1 affected package

liblivemedia

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
liblivemedia Not in release Not in release Vulnerable Vulnerable Vulnerable
Show less packages