VulnerableCode Package Details - pkg:deb/ubuntu/liblivemedia@2018.11.26-1

Search for packages

Package details: pkg:deb/ubuntu/liblivemedia@2018.11.26-1

Essentials
History (0)

purl	pkg:deb/ubuntu/liblivemedia@2018.11.26-1

Next non-vulnerable version	2018.11.26-1.1
Latest non-vulnerable version	2018.11.26-1.1
Risk	4.5

Vulnerabilities affecting this package (2)

Vulnerability	Summary	Fixed by
VCID-5t39-b1n3-aaap Aliases: CVE-2019-9215	In Live555 before 2019.02.27, malformed headers lead to invalid memory access in the parseAuthorizationHeader function.	2018.11.26-1.1 Affected by 0 other vulnerabilities.
VCID-avxa-q6kw-aaad Aliases: CVE-2019-7314	liblivemedia in Live555 before 2019.02.03 mishandles the termination of an RTSP stream after RTP/RTCP-over-RTSP has been set up, which could lead to a Use-After-Free error that causes the RTSP server to crash (Segmentation fault) or possibly have unspecified other impact.	2018.11.26-1.1 Affected by 0 other vulnerabilities.

Vulnerabilities fixed by this package (1)

Vulnerability	Summary	Aliases
VCID-w1bw-vy7z-aaaa	A Denial of Service issue was discovered in the LIVE555 Streaming Media libraries as used in Live555 Media Server 0.93. It can cause an RTSPServer crash in handleHTTPCmd_TunnelingPOST, when RTSP-over-HTTP tunneling is supported, via x-sessioncookie HTTP headers in a GET request and a POST request within the same TCP session. This occurs because of a call to an incorrect virtual function pointer in the readSocket function in GroupsockHelper.cpp.	CVE-2019-6256

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version