vulnerability
FreeBSD: VID-FA194483-DABD-11E8-BF39-5404A68AD561 (CVE-2018-4013): liveMedia -- potential remote code execution
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 8 | (AV:N/AC:L/Au:N/C:P/I:P/A:P) | 10/18/2018 | 10/29/2018 | 05/07/2019 |
Severity
8
CVSS
(AV:N/AC:L/Au:N/C:P/I:P/A:P)
Published
10/18/2018
Added
10/29/2018
Modified
05/07/2019
Description
An exploitable code execution vulnerability exists in the HTTP packet-parsing functionality of the LIVE555 RTSP server library version 0.92. A specially crafted packet can cause a stack-based buffer overflow, resulting in code execution. An attacker can send a packet to trigger this vulnerability.
Solution
freebsd-upgrade-package-livemedia
References
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.