In Live555 0.95, there is a buffer overflow via a large integer in a Content-Length HTTP header because handleRequestBytes has an unrestricted memmove.
Vector
NETWORK
Complexity
LOW
Authentication
NONE
Confidentiality
NONE
Integrity
NONE
Availability
PARTIAL
Advisory | Patch | Confirmed | Link |
---|---|---|---|
https://github.com/rgaufman/live555/issues/21 |