Oval Definition:	oval:org.mitre.oval:def:26500
Revision Date: 2014-10-20 Version: 3 Title: Denial of service and possibly execute arbitrary code via a space or tab character at the beginning of an RTSP message Description: The parseRTSPRequestString function in Live Networks Live555 Streaming Media 2011.08.13 through 2013.11.25, as used in VideoLAN VLC Media Player, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a (1) space or (2) tab character at the beginning of an RTSP message, which triggers an integer underflow, infinite loop, and buffer overflow. Family: windows Class: vulnerability Status: ACCEPTED Reference(s): CVE-2013-6933 Platform(s): Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows Vista Microsoft Windows XP Product(s): VLC Media Player Definition Synopsis VLC media player is installed AND Version of VLC Media Player is less than 2.1.2
BACK