CVE-2013-6933

Опубликовано: 23 янв. 2014

Источник: nvd

CVSS2: 7.5

EPSS Низкий

Описание

The parseRTSPRequestString function in Live Networks Live555 Streaming Media 2011.08.13 through 2013.11.25, as used in VideoLAN VLC Media Player, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a (1) space or (2) tab character at the beginning of an RTSP message, which triggers an integer underflow, infinite loop, and buffer overflow.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:live555:streaming_media:2011-08-13:*:*:*:*:*:*:*

cpe:2.3:a:live555:streaming_media:2011-08-20:*:*:*:*:*:*:*

cpe:2.3:a:live555:streaming_media:2011-08-22:*:*:*:*:*:*:*

cpe:2.3:a:live555:streaming_media:2011-09-02:*:*:*:*:*:*:*

cpe:2.3:a:live555:streaming_media:2011-09-19:*:*:*:*:*:*:*

cpe:2.3:a:live555:streaming_media:2011-10-05:*:*:*:*:*:*:*

cpe:2.3:a:live555:streaming_media:2011-10-09:*:*:*:*:*:*:*

cpe:2.3:a:live555:streaming_media:2011-10-18:*:*:*:*:*:*:*

cpe:2.3:a:live555:streaming_media:2011-10-27:*:*:*:*:*:*:*

cpe:2.3:a:live555:streaming_media:2011-11-02:*:*:*:*:*:*:*

cpe:2.3:a:live555:streaming_media:2011-11-08:*:*:*:*:*:*:*

cpe:2.3:a:live555:streaming_media:2011-11-20:*:*:*:*:*:*:*

cpe:2.3:a:live555:streaming_media:2011-11-27:*:*:*:*:*:*:*

cpe:2.3:a:live555:streaming_media:2011-11-28:*:*:*:*:*:*:*

cpe:2.3:a:live555:streaming_media:2011-11-29:*:*:*:*:*:*:*

cpe:2.3:a:live555:streaming_media:2011-12-02:*:*:*:*:*:*:*

cpe:2.3:a:live555:streaming_media:2011-12-19:*:*:*:*:*:*:*

cpe:2.3:a:live555:streaming_media:2011-12-20:*:*:*:*:*:*:*

cpe:2.3:a:live555:streaming_media:2011-12-23:*:*:*:*:*:*:*

cpe:2.3:a:live555:streaming_media:2012-01-07:*:*:*:*:*:*:*

cpe:2.3:a:live555:streaming_media:2012-01-13:*:*:*:*:*:*:*

cpe:2.3:a:live555:streaming_media:2012-01-25:*:*:*:*:*:*:*

cpe:2.3:a:live555:streaming_media:2012-01-26:*:*:*:*:*:*:*

cpe:2.3:a:live555:streaming_media:2012-02-03:*:*:*:*:*:*:*

cpe:2.3:a:live555:streaming_media:2012-02-04:*:*:*:*:*:*:*

cpe:2.3:a:live555:streaming_media:2012-02-29:*:*:*:*:*:*:*

cpe:2.3:a:live555:streaming_media:2012-03-20:*:*:*:*:*:*:*

cpe:2.3:a:live555:streaming_media:2012-03-22:*:*:*:*:*:*:*

cpe:2.3:a:live555:streaming_media:2012-04-04:*:*:*:*:*:*:*

cpe:2.3:a:live555:streaming_media:2012-04-18:*:*:*:*:*:*:*

cpe:2.3:a:live555:streaming_media:2012-04-21:*:*:*:*:*:*:*

cpe:2.3:a:live555:streaming_media:2012-04-26:*:*:*:*:*:*:*

cpe:2.3:a:live555:streaming_media:2012-04-27:*:*:*:*:*:*:*

cpe:2.3:a:live555:streaming_media:2012-05-03:*:*:*:*:*:*:*

cpe:2.3:a:live555:streaming_media:2012-05-11:*:*:*:*:*:*:*

cpe:2.3:a:live555:streaming_media:2012-05-17:*:*:*:*:*:*:*

cpe:2.3:a:live555:streaming_media:2012-06-12:*:*:*:*:*:*:*

cpe:2.3:a:live555:streaming_media:2012-06-17:*:*:*:*:*:*:*

cpe:2.3:a:live555:streaming_media:2012-06-23:*:*:*:*:*:*:*

cpe:2.3:a:live555:streaming_media:2012-06-26:*:*:*:*:*:*:*

cpe:2.3:a:live555:streaming_media:2012-07-03:*:*:*:*:*:*:*

cpe:2.3:a:live555:streaming_media:2012-07-06:*:*:*:*:*:*:*

cpe:2.3:a:live555:streaming_media:2012-07-14:*:*:*:*:*:*:*

cpe:2.3:a:live555:streaming_media:2012-07-18:*:*:*:*:*:*:*

cpe:2.3:a:live555:streaming_media:2012-07-24:*:*:*:*:*:*:*

cpe:2.3:a:live555:streaming_media:2012-07-26:*:*:*:*:*:*:*

cpe:2.3:a:live555:streaming_media:2012-08-08:*:*:*:*:*:*:*

cpe:2.3:a:live555:streaming_media:2012-08-12:*:*:*:*:*:*:*

cpe:2.3:a:live555:streaming_media:2012-08-17:*:*:*:*:*:*:*

cpe:2.3:a:live555:streaming_media:2012-08-20:*:*:*:*:*:*:*

cpe:2.3:a:live555:streaming_media:2012-08-28:*:*:*:*:*:*:*

cpe:2.3:a:live555:streaming_media:2012-08-29:*:*:*:*:*:*:*

cpe:2.3:a:live555:streaming_media:2012-08-30:*:*:*:*:*:*:*

cpe:2.3:a:live555:streaming_media:2012-08-31:*:*:*:*:*:*:*

cpe:2.3:a:live555:streaming_media:2012-09-06:*:*:*:*:*:*:*

cpe:2.3:a:live555:streaming_media:2012-09-07:*:*:*:*:*:*:*

cpe:2.3:a:live555:streaming_media:2012-09-11:*:*:*:*:*:*:*

cpe:2.3:a:live555:streaming_media:2012-09-12:*:*:*:*:*:*:*

cpe:2.3:a:live555:streaming_media:2012-09-13:*:*:*:*:*:*:*

cpe:2.3:a:live555:streaming_media:2012-09-27:*:*:*:*:*:*:*

cpe:2.3:a:live555:streaming_media:2012-10-01:*:*:*:*:*:*:*

cpe:2.3:a:live555:streaming_media:2012-10-04:*:*:*:*:*:*:*

cpe:2.3:a:live555:streaming_media:2012-10-11:*:*:*:*:*:*:*

cpe:2.3:a:live555:streaming_media:2012-10-12:*:*:*:*:*:*:*

cpe:2.3:a:live555:streaming_media:2012-10-16:*:*:*:*:*:*:*

cpe:2.3:a:live555:streaming_media:2012-10-17:*:*:*:*:*:*:*

cpe:2.3:a:live555:streaming_media:2012-10-18:*:*:*:*:*:*:*

cpe:2.3:a:live555:streaming_media:2012-10-21:*:*:*:*:*:*:*

cpe:2.3:a:live555:streaming_media:2012-10-22:*:*:*:*:*:*:*

cpe:2.3:a:live555:streaming_media:2012-10-24:*:*:*:*:*:*:*

cpe:2.3:a:live555:streaming_media:2012-11-05:*:*:*:*:*:*:*

cpe:2.3:a:live555:streaming_media:2012-11-08:*:*:*:*:*:*:*

cpe:2.3:a:live555:streaming_media:2012-11-16:*:*:*:*:*:*:*

cpe:2.3:a:live555:streaming_media:2012-11-17:*:*:*:*:*:*:*

cpe:2.3:a:live555:streaming_media:2012-11-22:*:*:*:*:*:*:*

cpe:2.3:a:live555:streaming_media:2012-11-28:*:*:*:*:*:*:*

cpe:2.3:a:live555:streaming_media:2012-11-29:*:*:*:*:*:*:*

cpe:2.3:a:live555:streaming_media:2012-11-30:*:*:*:*:*:*:*

cpe:2.3:a:live555:streaming_media:2012-12-15:*:*:*:*:*:*:*

cpe:2.3:a:live555:streaming_media:2012-12-18:*:*:*:*:*:*:*

cpe:2.3:a:live555:streaming_media:2012-12-21:*:*:*:*:*:*:*

cpe:2.3:a:live555:streaming_media:2012-12-22:*:*:*:*:*:*:*

cpe:2.3:a:live555:streaming_media:2012-12-23:*:*:*:*:*:*:*

cpe:2.3:a:live555:streaming_media:2012-12-24:*:*:*:*:*:*:*

cpe:2.3:a:live555:streaming_media:2013-01-03:*:*:*:*:*:*:*

cpe:2.3:a:live555:streaming_media:2013-01-04:*:*:*:*:*:*:*

cpe:2.3:a:live555:streaming_media:2013-01-05:*:*:*:*:*:*:*

cpe:2.3:a:live555:streaming_media:2013-01-15:*:*:*:*:*:*:*

cpe:2.3:a:live555:streaming_media:2013-01-18:*:*:*:*:*:*:*

cpe:2.3:a:live555:streaming_media:2013-01-19:*:*:*:*:*:*:*

cpe:2.3:a:live555:streaming_media:2013-01-21:*:*:*:*:*:*:*

cpe:2.3:a:live555:streaming_media:2013-01-22:*:*:*:*:*:*:*

cpe:2.3:a:live555:streaming_media:2013-01-23:*:*:*:*:*:*:*

cpe:2.3:a:live555:streaming_media:2013-01-25:*:*:*:*:*:*:*

cpe:2.3:a:live555:streaming_media:2013-02-05:*:*:*:*:*:*:*

cpe:2.3:a:live555:streaming_media:2013-02-11:*:*:*:*:*:*:*

cpe:2.3:a:live555:streaming_media:2013-02-27:*:*:*:*:*:*:*

cpe:2.3:a:live555:streaming_media:2013-03-07:*:*:*:*:*:*:*

cpe:2.3:a:live555:streaming_media:2013-03-23:*:*:*:*:*:*:*

cpe:2.3:a:live555:streaming_media:2013-03-31:*:*:*:*:*:*:*

cpe:2.3:a:live555:streaming_media:2013-04-01:*:*:*:*:*:*:*

cpe:2.3:a:live555:streaming_media:2013-04-04:*:*:*:*:*:*:*

cpe:2.3:a:live555:streaming_media:2013-04-05:*:*:*:*:*:*:*

cpe:2.3:a:live555:streaming_media:2013-04-06:*:*:*:*:*:*:*

cpe:2.3:a:live555:streaming_media:2013-04-08:*:*:*:*:*:*:*

cpe:2.3:a:live555:streaming_media:2013-04-16:*:*:*:*:*:*:*

cpe:2.3:a:live555:streaming_media:2013-04-21:*:*:*:*:*:*:*

cpe:2.3:a:live555:streaming_media:2013-04-22:*:*:*:*:*:*:*

cpe:2.3:a:live555:streaming_media:2013-04-23:*:*:*:*:*:*:*

cpe:2.3:a:live555:streaming_media:2013-04-29:*:*:*:*:*:*:*

cpe:2.3:a:live555:streaming_media:2013-04-30:*:*:*:*:*:*:*

cpe:2.3:a:live555:streaming_media:2013-05-30:*:*:*:*:*:*:*

cpe:2.3:a:live555:streaming_media:2013-06-06:*:*:*:*:*:*:*

cpe:2.3:a:live555:streaming_media:2013-06-14:*:*:*:*:*:*:*

cpe:2.3:a:live555:streaming_media:2013-06-18:*:*:*:*:*:*:*

cpe:2.3:a:live555:streaming_media:2013-06-30:*:*:*:*:*:*:*

cpe:2.3:a:live555:streaming_media:2013-07-03:*:*:*:*:*:*:*

cpe:2.3:a:live555:streaming_media:2013-07-16:*:*:*:*:*:*:*

cpe:2.3:a:live555:streaming_media:2013-07-30:*:*:*:*:*:*:*

cpe:2.3:a:live555:streaming_media:2013-07-31:*:*:*:*:*:*:*

cpe:2.3:a:live555:streaming_media:2013-08-05:*:*:*:*:*:*:*

cpe:2.3:a:live555:streaming_media:2013-08-15:*:*:*:*:*:*:*

cpe:2.3:a:live555:streaming_media:2013-08-16:*:*:*:*:*:*:*

cpe:2.3:a:live555:streaming_media:2013-08-28:*:*:*:*:*:*:*

cpe:2.3:a:live555:streaming_media:2013-08-31:*:*:*:*:*:*:*

cpe:2.3:a:live555:streaming_media:2013-09-07:*:*:*:*:*:*:*

cpe:2.3:a:live555:streaming_media:2013-09-08:*:*:*:*:*:*:*

cpe:2.3:a:live555:streaming_media:2013-09-11:*:*:*:*:*:*:*

cpe:2.3:a:live555:streaming_media:2013-09-18:*:*:*:*:*:*:*

cpe:2.3:a:live555:streaming_media:2013-09-27:*:*:*:*:*:*:*

cpe:2.3:a:live555:streaming_media:2013-09-30:*:*:*:*:*:*:*

cpe:2.3:a:live555:streaming_media:2013-10-01:*:*:*:*:*:*:*

cpe:2.3:a:live555:streaming_media:2013-10-02:*:*:*:*:*:*:*

cpe:2.3:a:live555:streaming_media:2013-10-03:*:*:*:*:*:*:*

cpe:2.3:a:live555:streaming_media:2013-10-07:*:*:*:*:*:*:*

cpe:2.3:a:live555:streaming_media:2013-10-08:*:*:*:*:*:*:*

cpe:2.3:a:live555:streaming_media:2013-10-09:*:*:*:*:*:*:*

cpe:2.3:a:live555:streaming_media:2013-10-11:*:*:*:*:*:*:*

cpe:2.3:a:live555:streaming_media:2013-10-16:*:*:*:*:*:*:*

cpe:2.3:a:live555:streaming_media:2013-10-18:*:*:*:*:*:*:*

cpe:2.3:a:live555:streaming_media:2013-10-22:*:*:*:*:*:*:*

cpe:2.3:a:live555:streaming_media:2013-10-24:*:*:*:*:*:*:*

cpe:2.3:a:live555:streaming_media:2013-10-25:*:*:*:*:*:*:*

cpe:2.3:a:live555:streaming_media:2013-11-06:*:*:*:*:*:*:*

cpe:2.3:a:live555:streaming_media:2013-11-10:*:*:*:*:*:*:*

cpe:2.3:a:live555:streaming_media:2013-11-14:*:*:*:*:*:*:*

cpe:2.3:a:live555:streaming_media:2013-11-15:*:*:*:*:*:*:*

cpe:2.3:a:live555:streaming_media:2013-11-25:*:*:*:*:*:*:*

EPSS

Процентиль: 87%

0.03355

Низкий

7.5 High

CVSS2

Дефекты

CWE-119

Связанные уязвимости

CVE-2013-6933

ubuntu

около 12 лет назад

CVE-2013-6933

debian

около 12 лет назад

The parseRTSPRequestString function in Live Networks Live555 Streaming ...

GHSA-vcpq-3936-w8vf

github

больше 3 лет назад

EPSS

Процентиль: 87%

0.03355

Низкий

7.5 High

CVSS2

Дефекты

CWE-119