MidnightBSD

Advisories for live555

CVE-2013-6933 HIGH

The parseRTSPRequestString function in Live Networks Live555 Streaming Media 2011.08.13 through 2013.11.25, as used in VideoLAN VLC Media Player, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a (1) space or (2) tab character at the beginning of an RTSP message, which triggers an integer underflow, infinite loop, and buffer overflow.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119, CWE-189

Products Affected

Vendor Product Version
live555 streaming_media 2012-04-18
live555 streaming_media 2012-08-20
live555 streaming_media 2012-03-20
live555 streaming_media 2012-11-22
live555 streaming_media 2013-02-27
live555 streaming_media 2013-11-14
live555 streaming_media 2013-04-21
live555 streaming_media 2011-09-02
live555 streaming_media 2013-10-18
live555 streaming_media 2012-10-18
live555 streaming_media 2013-03-23
live555 streaming_media 2012-04-21
live555 streaming_media 2013-06-30
live555 streaming_media 2013-01-15
live555 streaming_media 2013-01-23
live555 streaming_media 2012-10-12
live555 streaming_media 2013-07-03
live555 streaming_media 2013-08-31
live555 streaming_media 2012-02-04
live555 streaming_media 2013-01-25
live555 streaming_media 2012-01-13
live555 streaming_media 2013-05-30
live555 streaming_media 2011-11-27
live555 streaming_media 2012-11-30
live555 streaming_media 2011-10-09
live555 streaming_media 2012-11-16
live555 streaming_media 2013-01-04
live555 streaming_media 2013-03-31
live555 streaming_media 2012-07-18
live555 streaming_media 2013-04-23
live555 streaming_media 2013-07-30
live555 streaming_media 2011-12-02
live555 streaming_media 2012-07-24
live555 streaming_media 2013-11-10
live555 streaming_media 2013-09-27
live555 streaming_media 2011-10-05
live555 streaming_media 2013-04-05
live555 streaming_media 2012-06-17
live555 streaming_media 2013-04-04
live555 streaming_media 2013-09-08
live555 streaming_media 2011-09-19
live555 streaming_media 2011-10-27
live555 streaming_media 2011-08-13
live555 streaming_media 2012-09-27
live555 streaming_media 2012-07-14
live555 streaming_media 2012-11-29
live555 streaming_media 2012-10-01
live555 streaming_media 2012-11-28
live555 streaming_media 2013-11-25
live555 streaming_media 2013-01-19
live555 streaming_media 2012-06-23
live555 streaming_media 2012-11-17
live555 streaming_media 2012-12-22
live555 streaming_media 2013-01-03
live555 streaming_media 2012-09-13
live555 streaming_media 2011-11-08
live555 streaming_media 2012-08-31
live555 streaming_media 2013-08-28
live555 streaming_media 2013-02-05
live555 streaming_media 2012-09-06
live555 streaming_media 2013-04-01
live555 streaming_media 2013-10-01
live555 streaming_media 2013-04-30
live555 streaming_media 2011-11-28
live555 streaming_media 2012-09-11
live555 streaming_media 2013-06-06
live555 streaming_media 2012-04-27
live555 streaming_media 2012-01-07
live555 streaming_media 2012-05-17
live555 streaming_media 2013-11-15
live555 streaming_media 2011-11-20
live555 streaming_media 2013-04-22
live555 streaming_media 2012-11-08
live555 streaming_media 2011-12-20
live555 streaming_media 2013-02-11
live555 streaming_media 2013-04-08
live555 streaming_media 2012-01-26
live555 streaming_media 2012-07-03
live555 streaming_media 2013-08-05
live555 streaming_media 2012-10-04
live555 streaming_media 2012-10-21
live555 streaming_media 2012-12-18
live555 streaming_media 2012-11-05
live555 streaming_media 2013-04-16
live555 streaming_media 2012-08-12
live555 streaming_media 2013-11-06
live555 streaming_media 2013-08-16
live555 streaming_media 2013-09-30
live555 streaming_media 2012-07-06
live555 streaming_media 2012-12-24
live555 streaming_media 2013-10-02
live555 streaming_media 2013-08-15
live555 streaming_media 2012-06-12
live555 streaming_media 2013-07-31
live555 streaming_media 2012-10-24
live555 streaming_media 2012-12-23
live555 streaming_media 2013-10-22
live555 streaming_media 2013-01-22
live555 streaming_media 2012-06-26
live555 streaming_media 2012-12-21
live555 streaming_media 2012-10-16
live555 streaming_media 2013-07-16
live555 streaming_media 2012-02-03
live555 streaming_media 2011-11-29
live555 streaming_media 2012-01-25
live555 streaming_media 2012-05-03
live555 streaming_media 2012-10-22
live555 streaming_media 2013-10-09
live555 streaming_media 2013-10-24
live555 streaming_media 2012-02-29
live555 streaming_media 2013-04-06
live555 streaming_media 2013-01-18
live555 streaming_media 2011-08-22
live555 streaming_media 2013-01-05
live555 streaming_media 2013-10-08
live555 streaming_media 2011-12-19
live555 streaming_media 2013-03-07
live555 streaming_media 2011-11-02
live555 streaming_media 2011-10-18
live555 streaming_media 2012-09-07
live555 streaming_media 2012-07-26
live555 streaming_media 2013-06-14
live555 streaming_media 2012-04-04
live555 streaming_media 2013-10-03
live555 streaming_media 2012-08-29
live555 streaming_media 2012-08-30
live555 streaming_media 2012-10-17
live555 streaming_media 2012-04-26
live555 streaming_media 2012-10-11
live555 streaming_media 2013-10-11
live555 streaming_media 2013-04-29
live555 streaming_media 2013-09-18
live555 streaming_media 2011-08-20
live555 streaming_media 2013-06-18
live555 streaming_media 2012-08-17
live555 streaming_media 2013-10-07
live555 streaming_media 2012-09-12
live555 streaming_media 2012-08-08
live555 streaming_media 2012-03-22
live555 streaming_media 2013-10-25
live555 streaming_media 2011-12-23
live555 streaming_media 2013-01-21
live555 streaming_media 2012-08-28
live555 streaming_media 2012-12-15
live555 streaming_media 2012-05-11
live555 streaming_media 2013-09-11
live555 streaming_media 2013-10-16
live555 streaming_media 2013-09-07
CVE-2013-6934 HIGH

The parseRTSPRequestString function in Live Networks Live555 Streaming Media 2013.11.26, as used in VideoLAN VLC Media Player, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a space character at the beginning of an RTSP message, which triggers an integer underflow, infinite loop, and buffer overflow. NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-6933.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-189

Products Affected

Vendor Product Version
live555 streaming_media 2013-11-26
videolan vlc_media_player *
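The two entries above describe one parsing flaw and its incomplete fix. The following is an added example, not live555's code and not part of the original page: a small C model of an RTSP request-line parser in which a flawed variant reads the command name without first skipping leading whitespace, so a leading space or tab yields an empty command and a floor index of 0, after which a back-up loop on an unsigned index wraps (the integer underflow and out-of-bounds access the advisory names). The hardened variant beside it skips leading whitespace first, rejects an all-whitespace request, and bounds every index explicitly. The instrumented rd() helper, the find_version(), url_end_flawed() and parse_request_line() names and the sample request lines are all constructed for the example; the exact control flow of live555's parseRTSPRequestString is not reproduced, and in this model the wrap is reached when every byte before "RTSP/" is a space.

```c
/* Added example (not live555 code): the mechanism the advisory describes,
 * modelled on a small RTSP request-line parser. */
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Instrumented read, a stand-in for a sanitizer: an index outside the buffer
 * is counted instead of dereferenced, so the flawed loop runs without UB. */
static size_t g_oob_reads = 0;
size_t oob_reads(void) { return g_oob_reads; }
static char rd(const char *buf, size_t n, size_t idx) {
    if (idx >= n) { g_oob_reads++; return '\0'; }
    return buf[idx];
}

/* Index of the first "RTSP/" at or after 'from', or n if absent. */
static size_t find_version(const char *buf, size_t n, size_t from) {
    for (size_t k = from; k + 5 <= n; ++k)
        if (memcmp(buf + k, "RTSP/", 5) == 0) return k;
    return n;
}

/* Flawed. The command name is read up to the first space or tab without
 * skipping leading whitespace, so a request starting with ' ' or '\t' gives
 * an empty command and i == 0. The condition --k >= i is then always true:
 * once k reaches 0 it wraps to SIZE_MAX and the loop walks off the front of
 * the buffer. Returns the index one past the URL, or 0 on failure. */
size_t url_end_flawed(const char *buf, size_t n) {
    g_oob_reads = 0;
    size_t i = 0;
    while (i < n && buf[i] != ' ' && buf[i] != '\t') ++i;   /* command name ends at i */
    size_t k = find_version(buf, n, i);
    if (k == n) return 0;
    while (--k >= i && rd(buf, n, k) == ' ') {}               /* BUG: wraps when i == 0 */
    return (k >= n) ? 0 : k + 1;
}

/* Hardened: skip leading whitespace, reject an all-whitespace request, and
 * keep every index within [ustart, n) so no unsigned subtraction can wrap.
 * On success returns 1; cmd/url point into buf and are not NUL-terminated. */
int parse_request_line(const char *buf, size_t n, const char **cmd, size_t *cmd_len,
                       const char **url, size_t *url_len) {
    size_t i = 0;
    while (i < n && (buf[i] == ' ' || buf[i] == '\t')) ++i;
    if (i == n) return 0;                                     /* nothing but whitespace */
    size_t cstart = i;
    while (i < n && buf[i] != ' ' && buf[i] != '\t') ++i;
    if (i == n) return 0;                                     /* no URL after the command */
    *cmd = buf + cstart; *cmd_len = i - cstart;
    while (i < n && (buf[i] == ' ' || buf[i] == '\t')) ++i;
    size_t ustart = i;
    size_t k = find_version(buf, n, ustart);
    if (k == n) return 0;                                     /* no "RTSP/" token */
    while (k > ustart && (buf[k - 1] == ' ' || buf[k - 1] == '\t')) --k;   /* floor: ustart */
    if (k == ustart) return 0;                                /* empty URL */
    *url = buf + ustart; *url_len = k - ustart;
    return 1;
}

/* Wrappers so the hardened parser can be exercised on C strings. */
int accepts(const char *req) {
    const char *c, *u; size_t cl, ul;
    return parse_request_line(req, strlen(req), &c, &cl, &u, &ul);
}
int parses_to(const char *req, const char *exp_cmd, const char *exp_url) {
    const char *c, *u; size_t cl, ul;
    if (!parse_request_line(req, strlen(req), &c, &cl, &u, &ul)) return 0;
    return cl == strlen(exp_cmd) && memcmp(c, exp_cmd, cl) == 0 &&
           ul == strlen(exp_url) && memcmp(u, exp_url, ul) == 0;
}

int main(void) {
    /* Constructed inputs: a normal request line, one with a leading space,
     * and one that is nothing but spaces before the version token. */
    const char *ok = "DESCRIBE rtsp://host/stream RTSP/1.0";
    const char *led = " DESCRIBE rtsp://host/stream RTSP/1.0";
    const char *bad = "     RTSP/1.0";
    size_t e1 = url_end_flawed(ok, strlen(ok));
    printf("flawed, normal:    url_end=%zu oob_reads=%zu\n", e1, oob_reads());
    size_t e2 = url_end_flawed(bad, strlen(bad));
    printf("flawed, all-space: url_end=%zu oob_reads=%zu\n", e2, oob_reads());
    printf("hardened: leading space accepted=%d, all-space rejected=%d\n",
           parses_to(led, "DESCRIBE", "rtsp://host/stream"), !accepts(bad));
    return 0;
}
```

Build with cc -Wall -Wextra. Without the rd() guard the flawed loop would read before the start of the buffer on the all-space input; the fix is not only to tolerate leading whitespace (the first live555 fix did that) but to make the back-up loop's floor an explicit index that is reached before any decrement, which is why parse_request_line() tests k > ustart before reading buf[k - 1].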
CVE-2018-4013 HIGH

An exploitable code execution vulnerability exists in the HTTP packet-parsing functionality of the LIVE555 RTSP server library version 0.92. A specially crafted packet can cause a stack-based buffer overflow, resulting in code execution. An attacker can send a packet to trigger this vulnerability.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-787

Products Affected

Vendor Product Version
debian debian_linux 9.0
live555 live555_media_server 0.92
debian debian_linux 8.0
CVE-2019-15232 HIGH

Live555 before 2019.08.16 has a Use-After-Free because GenericMediaServer::createNewClientSessionWithId can generate the same client session ID in succession, which is mishandled by the MPEG1or2 and Matroska file demultiplexors.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-416

Products Affected

Vendor Product Version
live555 streaming_media *
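The entry above comes down to one property: a freshly generated client session ID must not equal the ID of a session that is still alive. The following is an added example, not live555's code and not part of the original page: a C allocation routine that checks a candidate ID against the live-session table and retries, beside the unchecked version. The generator is injectable so a repeat can be forced deterministically; the table, the session_*() and open_session_*() names and the constructed generators are all assumptions of the example, and live555's own random-number source and demultiplexor handling are not modelled.

```c
/* Added example (not live555 code): allocating a client session id that
 * cannot collide with a live session, the property whose absence
 * CVE-2019-15232 describes. */
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

typedef uint32_t (*rng_fn)(void);

/* Live-session table: a fixed array is all the demo needs. 0 marks an empty
 * slot, so 0 is never handed out as an id. */
#define MAX_SESSIONS 64
static uint32_t g_live[MAX_SESSIONS];
void sessions_reset(void) { for (size_t i = 0; i < MAX_SESSIONS; ++i) g_live[i] = 0; }
int session_is_live(uint32_t id) {
    for (size_t i = 0; i < MAX_SESSIONS; ++i) if (g_live[i] == id) return 1;
    return 0;
}
static int session_insert(uint32_t id) {
    for (size_t i = 0; i < MAX_SESSIONS; ++i) if (g_live[i] == 0) { g_live[i] = id; return 1; }
    return 0;                                              /* table full */
}
void session_close(uint32_t id) {
    for (size_t i = 0; i < MAX_SESSIONS; ++i) if (g_live[i] == id) g_live[i] = 0;
}

/* Flawed: trusts the generator. If it repeats a value, two live sessions
 * share one id, and any code that looks a session up by id (or tears one
 * down by id) can act on the wrong one; the advisory reports the outcome in
 * live555 as a use-after-free in the file demultiplexors. */
uint32_t open_session_flawed(rng_fn rng) {
    uint32_t id = rng();
    return session_insert(id) ? id : 0;
}

/* Hardened: draw until the id is non-zero and not in use, with a retry cap
 * so a stuck generator cannot spin forever. Returns 0 on failure. */
uint32_t open_session_checked(rng_fn rng) {
    for (int attempt = 0; attempt < 16; ++attempt) {
        uint32_t id = rng();
        if (id != 0 && !session_is_live(id)) return session_insert(id) ? id : 0;
    }
    return 0;
}

/* Constructed generators: one repeats its first value once, one never changes. */
static const uint32_t k_seq[] = { 7, 7, 9, 11 };
static size_t g_pos = 0;
uint32_t repeat_once_rng(void) { return k_seq[g_pos++ % 4]; }
uint32_t stuck_rng(void) { return 7; }

/* Reset state, open two sessions under the given policy, return the second id. */
uint32_t second_id_from(uint32_t (*opener)(rng_fn), rng_fn rng) {
    sessions_reset(); g_pos = 0;
    opener(rng);
    return opener(rng);
}

int main(void) {
    printf("flawed policy, generator repeats:  ids 7 then %u\n",
           (unsigned)second_id_from(open_session_flawed, repeat_once_rng));
    printf("checked policy, generator repeats: ids 7 then %u\n",
           (unsigned)second_id_from(open_session_checked, repeat_once_rng));
    printf("checked policy, generator stuck:   second open returns %u (failure)\n",
           (unsigned)second_id_from(open_session_checked, stuck_rng));
    return 0;
}
```

The retry cap matters as much as the uniqueness check: a server that loops until the generator produces a fresh value has traded a use-after-free for a hang if the generator ever degrades, so the caller must be prepared for the 0 result and refuse the SETUP.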
CVE-2019-6256 HIGH

A Denial of Service issue was discovered in the LIVE555 Streaming Media libraries as used in Live555 Media Server 0.93. It can cause an RTSPServer crash in handleHTTPCmd_TunnelingPOST, when RTSP-over-HTTP tunneling is supported, via x-sessioncookie HTTP headers in a GET request and a POST request within the same TCP session. This occurs because of a call to an incorrect virtual function pointer in the readSocket function in GroupsockHelper.cpp.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-755

Products Affected

Vendor Product Version
live555 live555_media_server 0.93
debian debian_linux 9.0
debian debian_linux 8.0
CVE-2019-7314 HIGH

liblivemedia in Live555 before 2019.02.03 mishandles the termination of an RTSP stream after RTP/RTCP-over-RTSP has been set up, which could lead to a Use-After-Free error that causes the RTSP server to crash (Segmentation fault) or possibly have unspecified other impact.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-416

Products Affected

Vendor Product Version
debian debian_linux 8.0
live555 streaming_media *
CVE-2019-7732 MEDIUM

In Live555 0.95, a setup packet can cause a memory leak leading to DoS because, when there are multiple instances of a single field (username, realm, nonce, uri, or response), only the last instance can ever be freed.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-401

Products Affected

Vendor Product Version
live555 streaming_media 0.95
CVE-2019-7733 MEDIUM

In Live555 0.95, there is a buffer overflow via a large integer in a Content-Length HTTP header because handleRequestBytes has an unrestricted memmove.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-190

Products Affected

Vendor Product Version
live555 streaming_media 0.95
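The two 0.95 entries above (CVE-2019-7732 and CVE-2019-7733) are both header-handling mistakes: repeated Authorization parameters whose earlier copies are never freed, and a Content-Length value used for a memmove without being bounded. The following is an added example, not live555's code and not part of the original page: a C parser for the Digest Authorization parameter list that can run under either duplicate policy (overwrite, or free-then-replace), with an allocation ledger so the leak is measurable rather than only visible under a leak checker, and a Content-Length check that rejects signs, junk, overflow and any value larger than the receive buffer before it is used. The struct auth layout, the xstrndup()/xfree() ledger, the parse_auth_params(), leaked_after_parse() and checked_content_length() names, the MAX_BODY cap and the sample header are all assumptions of the example; live555's handleRequestBytes buffer layout is not reproduced.

```c
/* Added example (not live555 code): hardening for two header paths.
 * (1) Repeated Digest Authorization parameters: overwriting the stored
 *     pointer loses every copy but the last (the leak CVE-2019-7732
 *     describes); the fix releases the earlier copy before replacing it.
 * (2) Content-Length: the value is range-checked against what the receive
 *     buffer actually holds before it is used in any memmove. */
#include <ctype.h>
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Allocation ledger: makes a leak measurable in code and reclaimable rather
 * than only visible under valgrind or LeakSanitizer (up to MAX_TRACKED live). */
#define MAX_TRACKED 64
static char *g_tracked[MAX_TRACKED];
static long g_live = 0;
static char *xstrndup(const char *s, size_t n) {
    char *p = malloc(n + 1); if (!p) abort();
    memcpy(p, s, n); p[n] = '\0';
    for (int i = 0; i < MAX_TRACKED; ++i) if (!g_tracked[i]) { g_tracked[i] = p; break; }
    g_live++;
    return p;
}
static void xfree(char *p) {
    if (!p) return;
    for (int i = 0; i < MAX_TRACKED; ++i) if (g_tracked[i] == p) g_tracked[i] = NULL;
    free(p); g_live--;
}
long live_allocs(void) { return g_live; }

struct auth { char *username, *realm, *nonce, *uri, *response; };

/* Parse the parameter list of a Digest Authorization header, e.g.
 *   username="u", realm="r", nonce="n", uri="/s", response="ab"
 * Repeated parameters are accepted. free_dup == 0: an earlier copy is
 * overwritten and leaked; free_dup == 1: it is freed first. */
void parse_auth_params(const char *s, struct auth *a, int free_dup) {
    memset(a, 0, sizeof *a);
    while (*s) {
        while (*s == ' ' || *s == ',') ++s;
        const char *name = s;
        while (*s && *s != '=') ++s;
        size_t nlen = (size_t)(s - name);
        if (*s != '=' || s[1] != '"') break;                 /* malformed: stop */
        const char *v = s + 2, *e = strchr(v, '"');
        if (!e) break;
        char **slot = NULL;
        if (nlen == 8 && !memcmp(name, "username", 8)) slot = &a->username;
        else if (nlen == 5 && !memcmp(name, "realm", 5)) slot = &a->realm;
        else if (nlen == 5 && !memcmp(name, "nonce", 5)) slot = &a->nonce;
        else if (nlen == 3 && !memcmp(name, "uri", 3)) slot = &a->uri;
        else if (nlen == 8 && !memcmp(name, "response", 8)) slot = &a->response;
        if (slot) {
            if (free_dup) xfree(*slot);                      /* the fix: release, then replace */
            *slot = xstrndup(v, (size_t)(e - v));
        }
        s = e + 1;
    }
}
void free_auth(struct auth *a) {
    xfree(a->username); xfree(a->realm); xfree(a->nonce); xfree(a->uri); xfree(a->response);
    memset(a, 0, sizeof *a);
}
/* Live strings left after parsing one header line and freeing the result:
 * anything above zero is a leak. Reclaims them so the demo stays clean. */
long leaked_after_parse(const char *hdr, int free_dup) {
    struct auth a;
    parse_auth_params(hdr, &a, free_dup);
    free_auth(&a);
    long leaked = live_allocs();
    for (int i = 0; i < MAX_TRACKED; ++i)
        if (g_tracked[i]) { free(g_tracked[i]); g_tracked[i] = NULL; g_live--; }
    return leaked;
}

/* Parse a Content-Length value and bound it by the bytes actually in the
 * receive buffer and by a server-wide cap before any memmove uses it. Rejects
 * signs, trailing junk, overflow and out-of-range values; returns the length
 * or (size_t)-1 to reject the request. */
#define MAX_BODY 65536u
size_t checked_content_length(const char *value, size_t bytes_available) {
    while (*value == ' ' || *value == '\t') ++value;
    if (!isdigit((unsigned char)*value)) return (size_t)-1;  /* no sign, no junk */
    errno = 0;
    char *end;
    unsigned long long n = strtoull(value, &end, 10);
    if (errno == ERANGE) return (size_t)-1;                  /* did not fit in 64 bits */
    while (*end == ' ' || *end == '\t' || *end == '\r' || *end == '\n') ++end;
    if (*end != '\0') return (size_t)-1;
    if (n > MAX_BODY || n > bytes_available) return (size_t)-1;
    return (size_t)n;
}

int main(void) {
    /* Constructed header: "username" appears twice. */
    const char *hdr = "username=\"u\", username=\"u2\", realm=\"r\", nonce=\"n\", uri=\"/s\", response=\"ab\"";
    long leak_overwrite = leaked_after_parse(hdr, 0);
    long leak_fixed = leaked_after_parse(hdr, 1);
    printf("leaked strings: overwrite=%ld, free-then-replace=%ld\n", leak_overwrite, leak_fixed);
    printf("Content-Length 4294967296 with 100 bytes buffered: %s\n",
           checked_content_length("4294967296", 100) == (size_t)-1 ? "rejected" : "accepted");
    return 0;
}
```

Two points the code makes that the one-line advisories do not: a leak of this shape is driven entirely by the client, since every repeated parameter costs the server one allocation that is never released, so a short request repeated many times is enough for a DoS; and 4294967296 is rejected here on range, not on parse, which is what protects a server where the length is later narrowed to a 32-bit type and would otherwise read as 0.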
CVE-2019-9215 HIGH

In Live555 before 2019.02.27, malformed headers lead to invalid memory access in the parseAuthorizationHeader function.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo

Products Affected

Vendor Product Version
opensuse backports_sle 15.0
debian debian_linux 9.0
opensuse leap 15.1
opensuse leap 15.0
opensuse leap 15.2
debian debian_linux 8.0
live555 streaming_media *
CVE-2020-24027 HIGH

In Live Networks, Inc., liblivemedia version 20200625, there is a potential buffer overflow bug in the server handling of an RTSP "PLAY" command, when the command specifies seeking by absolute time.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-787

Products Affected

Vendor Product Version
live555 liblivemedia 20200625
CVE-2021-28899 MEDIUM

Vulnerability in the AC3AudioFileServerMediaSubsession, ADTSAudioFileServerMediaSubsession, and AMRAudioFileServerMediaSubsession OnDemandServerMediaSubsession subclasses in Live Networks LIVE555 Streaming Media before 2021.3.16. The entry gives no further detail; its CVSS 3.x vector (C:N/I:N/A:H) indicates an availability-only impact, i.e. a denial of service.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo

Products Affected

Vendor Product Version
live555 streaming_media *
CVE-2021-38380 MEDIUM

Live555 through 1.08 mishandles huge requests for the same MP3 stream, leading to recursion and a stack-based buffer over-read. An attacker can leverage this to launch a DoS attack.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-125

Products Affected

Vendor Product Version
live555 live555 *
CVE-2021-38381 MEDIUM

Live555 through 1.08 does not handle MPEG-1 or 2 files properly. Sending two successive RTSP SETUP commands for the same track causes a Use-After-Free and daemon crash.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H 2.8 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-416

Products Affected

Vendor Product Version
live555 live555 *
CVE-2021-38382 MEDIUM

Live555 through 1.08 does not handle Matroska and Ogg files properly. Sending two successive RTSP SETUP commands for the same track causes a Use-After-Free and daemon crash.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H 2.8 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-416

Products Affected

Vendor Product Version
live555 live555 *
CVE-2021-39282 MEDIUM

Live555 through 1.08 has a memory leak in AC3AudioStreamParser for AC3 files.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-401

Products Affected

Vendor Product Version
live555 live555 *
CVE-2021-39283 MEDIUM

liveMedia/FramedSource.cpp in Live555 through 1.08 allows an assertion failure and application exit via multiple SETUP and PLAY commands.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H 1.8 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-617

Products Affected

Vendor Product Version
live555 live555 *
CVE-2021-41396 MEDIUM

Live555 through 1.08 does not handle socket connections properly. A huge number of incoming socket connections in a short time invokes the error-handling module, in which a heap-based buffer overflow happens. An attacker can leverage this to launch a DoS attack.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-787

Products Affected

Vendor Product Version
live555 live555 *
CVE-2023-37117

A heap use-after-free vulnerability was found in live555 version 2023.05.10 while handling an RTSP SETUP request.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

Products Affected

Vendor Product Version
live555 live555 2023.05.10
CVE-2025-65404

A buffer overflow in the getSideInfo2() function of Live555 Streaming Media v2018.09.02 allows attackers to cause a Denial of Service (DoS) via a crafted MP3 stream.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H 2.8 3.6

Products Affected

Vendor Product Version
live555 streaming_media 2018-09-02
CVE-2025-65405

A use-after-free in the ADTSAudioFileSource::samplingFrequency() function of Live555 Streaming Media v2018.09.02 allows attackers to cause a Denial of Service (DoS) via supplying a crafted ADTS/AAC file.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H 2.8 3.6

Products Affected

Vendor Product Version
live555 streaming_media 2018-09-02
CVE-2025-65406

A heap overflow in the MatroskaFile::createRTPSinkForTrackNumber() function of Live555 Streaming Media v2018.09.02 allows attackers to cause a Denial of Service (DoS) via supplying a crafted MKV file.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H 2.8 3.6

Products Affected

Vendor Product Version
live555 streaming_media 2018-09-02
CVE-2025-65407

A use-after-free in the MPEG1or2Demux::newElementaryStream() function of Live555 Streaming Media v2018.09.02 allows attackers to cause a Denial of Service (DoS) via supplying a crafted MPEG Program stream.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H 2.8 3.6

Products Affected

Vendor Product Version
live555 streaming_media 2018-09-02
CVE-2025-65408

A NULL pointer dereference in the ADTSAudioFileServerMediaSubsession::createNewRTPSink() function of Live555 Streaming Media v2018.09.02 allows attackers to cause a Denial of Service (DoS) via supplying a crafted ADTS file.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H 2.8 3.6

Products Affected

Vendor Product Version
live555 streaming_media 2018-09-02