Vulnerability Details CVE-2013-6933
The parseRTSPRequestString function in Live Networks Live555 Streaming Media 2011.08.13 through 2013.11.25, as used in VideoLAN VLC Media Player, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a (1) space or (2) tab character at the beginning of an RTSP message, which triggers an integer underflow, infinite loop, and buffer overflow.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.034
EPSS Ranking 86.6%
CVSS Severity
CVSS v2 Score 7.5
References
Products affected by CVE-2013-6933
-
cpe:2.3:a:live555:streaming_media:2011-08-13
-
cpe:2.3:a:live555:streaming_media:2011-08-20
-
cpe:2.3:a:live555:streaming_media:2011-08-22
-
cpe:2.3:a:live555:streaming_media:2011-09-02
-
cpe:2.3:a:live555:streaming_media:2011-09-19
-
cpe:2.3:a:live555:streaming_media:2011-10-05
-
cpe:2.3:a:live555:streaming_media:2011-10-09
-
cpe:2.3:a:live555:streaming_media:2011-10-18
-
cpe:2.3:a:live555:streaming_media:2011-10-27
-
cpe:2.3:a:live555:streaming_media:2011-11-02
-
cpe:2.3:a:live555:streaming_media:2011-11-08
-
cpe:2.3:a:live555:streaming_media:2011-11-20
-
cpe:2.3:a:live555:streaming_media:2011-11-27
-
cpe:2.3:a:live555:streaming_media:2011-11-28
-
cpe:2.3:a:live555:streaming_media:2011-11-29
-
cpe:2.3:a:live555:streaming_media:2011-12-02
-
cpe:2.3:a:live555:streaming_media:2011-12-19
-
cpe:2.3:a:live555:streaming_media:2011-12-20
-
cpe:2.3:a:live555:streaming_media:2011-12-23
-
cpe:2.3:a:live555:streaming_media:2012-01-07
-
cpe:2.3:a:live555:streaming_media:2012-01-13
-
cpe:2.3:a:live555:streaming_media:2012-01-25
-
cpe:2.3:a:live555:streaming_media:2012-01-26
-
cpe:2.3:a:live555:streaming_media:2012-02-03
-
cpe:2.3:a:live555:streaming_media:2012-02-04
-
cpe:2.3:a:live555:streaming_media:2012-02-29
-
cpe:2.3:a:live555:streaming_media:2012-03-20
-
cpe:2.3:a:live555:streaming_media:2012-03-22
-
cpe:2.3:a:live555:streaming_media:2012-04-04
-
cpe:2.3:a:live555:streaming_media:2012-04-18
-
cpe:2.3:a:live555:streaming_media:2012-04-21
-
cpe:2.3:a:live555:streaming_media:2012-04-26
-
cpe:2.3:a:live555:streaming_media:2012-04-27
-
cpe:2.3:a:live555:streaming_media:2012-05-03
-
cpe:2.3:a:live555:streaming_media:2012-05-11
-
cpe:2.3:a:live555:streaming_media:2012-05-17
-
cpe:2.3:a:live555:streaming_media:2012-06-12
-
cpe:2.3:a:live555:streaming_media:2012-06-17
-
cpe:2.3:a:live555:streaming_media:2012-06-23
-
cpe:2.3:a:live555:streaming_media:2012-06-26
-
cpe:2.3:a:live555:streaming_media:2012-07-03
-
cpe:2.3:a:live555:streaming_media:2012-07-06
-
cpe:2.3:a:live555:streaming_media:2012-07-14
-
cpe:2.3:a:live555:streaming_media:2012-07-18
-
cpe:2.3:a:live555:streaming_media:2012-07-24
-
cpe:2.3:a:live555:streaming_media:2012-07-26
-
cpe:2.3:a:live555:streaming_media:2012-08-08
-
cpe:2.3:a:live555:streaming_media:2012-08-12
-
cpe:2.3:a:live555:streaming_media:2012-08-17
-
cpe:2.3:a:live555:streaming_media:2012-08-20
-
cpe:2.3:a:live555:streaming_media:2012-08-28
-
cpe:2.3:a:live555:streaming_media:2012-08-29
-
cpe:2.3:a:live555:streaming_media:2012-08-30
-
cpe:2.3:a:live555:streaming_media:2012-08-31
-
cpe:2.3:a:live555:streaming_media:2012-09-06
-
cpe:2.3:a:live555:streaming_media:2012-09-07
-
cpe:2.3:a:live555:streaming_media:2012-09-11
-
cpe:2.3:a:live555:streaming_media:2012-09-12
-
cpe:2.3:a:live555:streaming_media:2012-09-13
-
cpe:2.3:a:live555:streaming_media:2012-09-27
-
cpe:2.3:a:live555:streaming_media:2012-10-01
-
cpe:2.3:a:live555:streaming_media:2012-10-04
-
cpe:2.3:a:live555:streaming_media:2012-10-11
-
cpe:2.3:a:live555:streaming_media:2012-10-12
-
cpe:2.3:a:live555:streaming_media:2012-10-16
-
cpe:2.3:a:live555:streaming_media:2012-10-17
-
cpe:2.3:a:live555:streaming_media:2012-10-18
-
cpe:2.3:a:live555:streaming_media:2012-10-21
-
cpe:2.3:a:live555:streaming_media:2012-10-22
-
cpe:2.3:a:live555:streaming_media:2012-10-24
-
cpe:2.3:a:live555:streaming_media:2012-11-05
-
cpe:2.3:a:live555:streaming_media:2012-11-08
-
cpe:2.3:a:live555:streaming_media:2012-11-16
-
cpe:2.3:a:live555:streaming_media:2012-11-17
-
cpe:2.3:a:live555:streaming_media:2012-11-22
-
cpe:2.3:a:live555:streaming_media:2012-11-28
-
cpe:2.3:a:live555:streaming_media:2012-11-29
-
cpe:2.3:a:live555:streaming_media:2012-11-30
-
cpe:2.3:a:live555:streaming_media:2012-12-15
-
cpe:2.3:a:live555:streaming_media:2012-12-18
-
cpe:2.3:a:live555:streaming_media:2012-12-21
-
cpe:2.3:a:live555:streaming_media:2012-12-22
-
cpe:2.3:a:live555:streaming_media:2012-12-23
-
cpe:2.3:a:live555:streaming_media:2012-12-24
-
cpe:2.3:a:live555:streaming_media:2013-01-03
-
cpe:2.3:a:live555:streaming_media:2013-01-04
-
cpe:2.3:a:live555:streaming_media:2013-01-05
-
cpe:2.3:a:live555:streaming_media:2013-01-15
-
cpe:2.3:a:live555:streaming_media:2013-01-18
-
cpe:2.3:a:live555:streaming_media:2013-01-19
-
cpe:2.3:a:live555:streaming_media:2013-01-21
-
cpe:2.3:a:live555:streaming_media:2013-01-22
-
cpe:2.3:a:live555:streaming_media:2013-01-23
-
cpe:2.3:a:live555:streaming_media:2013-01-25
-
cpe:2.3:a:live555:streaming_media:2013-02-05
-
cpe:2.3:a:live555:streaming_media:2013-02-11
-
cpe:2.3:a:live555:streaming_media:2013-02-27
-
cpe:2.3:a:live555:streaming_media:2013-03-07
-
cpe:2.3:a:live555:streaming_media:2013-03-23
-
cpe:2.3:a:live555:streaming_media:2013-03-31
-
cpe:2.3:a:live555:streaming_media:2013-04-01
-
cpe:2.3:a:live555:streaming_media:2013-04-04
-
cpe:2.3:a:live555:streaming_media:2013-04-05
-
cpe:2.3:a:live555:streaming_media:2013-04-06
-
cpe:2.3:a:live555:streaming_media:2013-04-08
-
cpe:2.3:a:live555:streaming_media:2013-04-16
-
cpe:2.3:a:live555:streaming_media:2013-04-21
-
cpe:2.3:a:live555:streaming_media:2013-04-22
-
cpe:2.3:a:live555:streaming_media:2013-04-23
-
cpe:2.3:a:live555:streaming_media:2013-04-29
-
cpe:2.3:a:live555:streaming_media:2013-04-30
-
cpe:2.3:a:live555:streaming_media:2013-05-30
-
cpe:2.3:a:live555:streaming_media:2013-06-06
-
cpe:2.3:a:live555:streaming_media:2013-06-14
-
cpe:2.3:a:live555:streaming_media:2013-06-18
-
cpe:2.3:a:live555:streaming_media:2013-06-30
-
cpe:2.3:a:live555:streaming_media:2013-07-03
-
cpe:2.3:a:live555:streaming_media:2013-07-16
-
cpe:2.3:a:live555:streaming_media:2013-07-30
-
cpe:2.3:a:live555:streaming_media:2013-07-31
-
cpe:2.3:a:live555:streaming_media:2013-08-05
-
cpe:2.3:a:live555:streaming_media:2013-08-15
-
cpe:2.3:a:live555:streaming_media:2013-08-16
-
cpe:2.3:a:live555:streaming_media:2013-08-28
-
cpe:2.3:a:live555:streaming_media:2013-08-31
-
cpe:2.3:a:live555:streaming_media:2013-09-07
-
cpe:2.3:a:live555:streaming_media:2013-09-08
-
cpe:2.3:a:live555:streaming_media:2013-09-11
-
cpe:2.3:a:live555:streaming_media:2013-09-18
-
cpe:2.3:a:live555:streaming_media:2013-09-27
-
cpe:2.3:a:live555:streaming_media:2013-09-30
-
cpe:2.3:a:live555:streaming_media:2013-10-01
-
cpe:2.3:a:live555:streaming_media:2013-10-02
-
cpe:2.3:a:live555:streaming_media:2013-10-03
-
cpe:2.3:a:live555:streaming_media:2013-10-07
-
cpe:2.3:a:live555:streaming_media:2013-10-08
-
cpe:2.3:a:live555:streaming_media:2013-10-09
-
cpe:2.3:a:live555:streaming_media:2013-10-11
-
cpe:2.3:a:live555:streaming_media:2013-10-16
-
cpe:2.3:a:live555:streaming_media:2013-10-18
-
cpe:2.3:a:live555:streaming_media:2013-10-22
-
cpe:2.3:a:live555:streaming_media:2013-10-24
-
cpe:2.3:a:live555:streaming_media:2013-10-25
-
cpe:2.3:a:live555:streaming_media:2013-11-06
-
cpe:2.3:a:live555:streaming_media:2013-11-10
-
cpe:2.3:a:live555:streaming_media:2013-11-14
-
cpe:2.3:a:live555:streaming_media:2013-11-15
-
cpe:2.3:a:live555:streaming_media:2013-11-25