Live555 before 2019.08.16 has a Use-After-Free because GenericMediaServer::createNewClientSessionWithId can generate the same client session ID in succession, which is mishandled by the MPEG1or2 and Matroska file demultiplexors.
References
Link | Resource |
---|---|
http://www.live555.com/liveMedia/public/changelog.txt | Release Notes Vendor Advisory |
https://security.gentoo.org/glsa/202005-06 | Third Party Advisory |
Configurations
History
29 Mar 2023, 16:23
Type | Values Removed | Values Added |
---|---|---|
References | (GENTOO) https://security.gentoo.org/glsa/202005-06 - Third Party Advisory |
Information
Published : 2019-08-20 00:15
Updated : 2024-02-04 20:20
NVD link : CVE-2019-15232
Mitre link : CVE-2019-15232
CVE.ORG link : CVE-2019-15232
JSON object : View
Products Affected
live555
- streaming_media
CWE
CWE-416
Use After Free