1. CVE-Search
  2. CVE-2019-7314
ID CVE-2019-7314
Summary liblivemedia in Live555 before 2019.02.03 mishandles the termination of an RTSP stream after RTP/RTCP-over-RTSP has been set up, which could lead to a Use-After-Free error that causes the RTSP server to crash (Segmentation fault) or possibly have unspecified other impact.
References
Vulnerable Configurations
  • cpe:2.3:a:live555:streaming_media:0.1:*:*:*:*:*:*:*
    cpe:2.3:a:live555:streaming_media:0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:live555:streaming_media:0.15:*:*:*:*:*:*:*
    cpe:2.3:a:live555:streaming_media:0.15:*:*:*:*:*:*:*
  • cpe:2.3:a:live555:streaming_media:0.18:*:*:*:*:*:*:*
    cpe:2.3:a:live555:streaming_media:0.18:*:*:*:*:*:*:*
  • cpe:2.3:a:live555:streaming_media:0.19:*:*:*:*:*:*:*
    cpe:2.3:a:live555:streaming_media:0.19:*:*:*:*:*:*:*
  • cpe:2.3:a:live555:streaming_media:0.20:*:*:*:*:*:*:*
    cpe:2.3:a:live555:streaming_media:0.20:*:*:*:*:*:*:*
  • cpe:2.3:a:live555:streaming_media:0.30:*:*:*:*:*:*:*
    cpe:2.3:a:live555:streaming_media:0.30:*:*:*:*:*:*:*
  • cpe:2.3:a:live555:streaming_media:0.40:*:*:*:*:*:*:*
    cpe:2.3:a:live555:streaming_media:0.40:*:*:*:*:*:*:*
  • cpe:2.3:a:live555:streaming_media:0.42:*:*:*:*:*:*:*
    cpe:2.3:a:live555:streaming_media:0.42:*:*:*:*:*:*:*
  • cpe:2.3:a:live555:streaming_media:0.50:*:*:*:*:*:*:*
    cpe:2.3:a:live555:streaming_media:0.50:*:*:*:*:*:*:*
  • cpe:2.3:a:live555:streaming_media:0.60:*:*:*:*:*:*:*
    cpe:2.3:a:live555:streaming_media:0.60:*:*:*:*:*:*:*
  • cpe:2.3:a:live555:streaming_media:0.62:*:*:*:*:*:*:*
    cpe:2.3:a:live555:streaming_media:0.62:*:*:*:*:*:*:*
  • cpe:2.3:a:live555:streaming_media:0.63:*:*:*:*:*:*:*
    cpe:2.3:a:live555:streaming_media:0.63:*:*:*:*:*:*:*
  • cpe:2.3:a:live555:streaming_media:0.64:*:*:*:*:*:*:*
    cpe:2.3:a:live555:streaming_media:0.64:*:*:*:*:*:*:*
  • cpe:2.3:a:live555:streaming_media:0.65:*:*:*:*:*:*:*
    cpe:2.3:a:live555:streaming_media:0.65:*:*:*:*:*:*:*
  • cpe:2.3:a:live555:streaming_media:0.66:*:*:*:*:*:*:*
    cpe:2.3:a:live555:streaming_media:0.66:*:*:*:*:*:*:*
  • cpe:2.3:a:live555:streaming_media:0.67:*:*:*:*:*:*:*
    cpe:2.3:a:live555:streaming_media:0.67:*:*:*:*:*:*:*
  • cpe:2.3:a:live555:streaming_media:0.68:*:*:*:*:*:*:*
    cpe:2.3:a:live555:streaming_media:0.68:*:*:*:*:*:*:*
  • cpe:2.3:a:live555:streaming_media:0.70:*:*:*:*:*:*:*
    cpe:2.3:a:live555:streaming_media:0.70:*:*:*:*:*:*:*
  • cpe:2.3:a:live555:streaming_media:0.71:*:*:*:*:*:*:*
    cpe:2.3:a:live555:streaming_media:0.71:*:*:*:*:*:*:*
  • cpe:2.3:a:live555:streaming_media:0.72:*:*:*:*:*:*:*
    cpe:2.3:a:live555:streaming_media:0.72:*:*:*:*:*:*:*
  • cpe:2.3:a:live555:streaming_media:0.73:*:*:*:*:*:*:*
    cpe:2.3:a:live555:streaming_media:0.73:*:*:*:*:*:*:*
  • cpe:2.3:a:live555:streaming_media:0.74:*:*:*:*:*:*:*
    cpe:2.3:a:live555:streaming_media:0.74:*:*:*:*:*:*:*
  • cpe:2.3:a:live555:streaming_media:0.75:*:*:*:*:*:*:*
    cpe:2.3:a:live555:streaming_media:0.75:*:*:*:*:*:*:*
  • cpe:2.3:a:live555:streaming_media:0.76:*:*:*:*:*:*:*
    cpe:2.3:a:live555:streaming_media:0.76:*:*:*:*:*:*:*
  • cpe:2.3:a:live555:streaming_media:0.77:*:*:*:*:*:*:*
    cpe:2.3:a:live555:streaming_media:0.77:*:*:*:*:*:*:*
  • cpe:2.3:a:live555:streaming_media:0.78:*:*:*:*:*:*:*
    cpe:2.3:a:live555:streaming_media:0.78:*:*:*:*:*:*:*
  • cpe:2.3:a:live555:streaming_media:0.80:*:*:*:*:*:*:*
    cpe:2.3:a:live555:streaming_media:0.80:*:*:*:*:*:*:*
  • cpe:2.3:a:live555:streaming_media:0.81:*:*:*:*:*:*:*
    cpe:2.3:a:live555:streaming_media:0.81:*:*:*:*:*:*:*
  • cpe:2.3:a:live555:streaming_media:0.82:*:*:*:*:*:*:*
    cpe:2.3:a:live555:streaming_media:0.82:*:*:*:*:*:*:*
  • cpe:2.3:a:live555:streaming_media:0.83:*:*:*:*:*:*:*
    cpe:2.3:a:live555:streaming_media:0.83:*:*:*:*:*:*:*
  • cpe:2.3:a:live555:streaming_media:0.84:*:*:*:*:*:*:*
    cpe:2.3:a:live555:streaming_media:0.84:*:*:*:*:*:*:*
  • cpe:2.3:a:live555:streaming_media:0.85:*:*:*:*:*:*:*
    cpe:2.3:a:live555:streaming_media:0.85:*:*:*:*:*:*:*
  • cpe:2.3:a:live555:streaming_media:0.87:*:*:*:*:*:*:*
    cpe:2.3:a:live555:streaming_media:0.87:*:*:*:*:*:*:*
  • cpe:2.3:a:live555:streaming_media:0.88:*:*:*:*:*:*:*
    cpe:2.3:a:live555:streaming_media:0.88:*:*:*:*:*:*:*
  • cpe:2.3:a:live555:streaming_media:0.89:*:*:*:*:*:*:*
    cpe:2.3:a:live555:streaming_media:0.89:*:*:*:*:*:*:*
  • cpe:2.3:a:live555:streaming_media:0.90:*:*:*:*:*:*:*
    cpe:2.3:a:live555:streaming_media:0.90:*:*:*:*:*:*:*
  • cpe:2.3:a:live555:streaming_media:0.91:*:*:*:*:*:*:*
    cpe:2.3:a:live555:streaming_media:0.91:*:*:*:*:*:*:*
  • cpe:2.3:a:live555:streaming_media:0.92:*:*:*:*:*:*:*
    cpe:2.3:a:live555:streaming_media:0.92:*:*:*:*:*:*:*
  • cpe:2.3:a:live555:streaming_media:0.93:*:*:*:*:*:*:*
    cpe:2.3:a:live555:streaming_media:0.93:*:*:*:*:*:*:*
  • cpe:2.3:a:live555:streaming_media:0.94:*:*:*:*:*:*:*
    cpe:2.3:a:live555:streaming_media:0.94:*:*:*:*:*:*:*
  • cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
    cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
CVSS
Base: 7.5 (as of 07-07-2020 - 06:15)
Impact:
Exploitability:
CWE CWE-416
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
cvss-vector via4 AV:N/AC:L/Au:N/C:P/I:P/A:P
refmap via4
bugtraq 20190317 [SECURITY] [DSA 4408-1] liblivemedia security update
debian DSA-4408
gentoo GLSA-202005-06
misc
mlist [debian-lts-announce] 20190226 [SECURITY] [DLA 1690-1] liblivemedia security update
suse
  • openSUSE-SU-2019:1797
  • openSUSE-SU-2019:1880
  • openSUSE-SU-2020:0944
Last major update 07-07-2020 - 06:15
Published 04-02-2019 - 02:29
Last modified 07-07-2020 - 06:15
Back to Top