Integer overflow in the RTSP_remove_msg function in RTSP_lowlevel.c in LScube Feng 0.1.15 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an RTP packet with a size value of 0xffff.
Max CVSS
7.5
EPSS Score
6.29%
Published
2008-01-04
Updated
2018-10-15
Multiple buffer overflows in the RTSP_valid_response_msg function in RTSP_state_machine.c in LScube Feng 0.1.15 and earlier allow remote attackers to execute arbitrary code via (1) a long first line of a response, as demonstrated by a long VER line; or (2) a long second line of a response, as demonstrated by a message that follows a RETURN line.
Max CVSS
7.5
EPSS Score
6.80%
Published
2008-01-04
Updated
2018-10-15
2 vulnerabilities found