CVE-2013-6933

CVSS V2 High 7.5 CVSS V3 None
Description
The parseRTSPRequestString function in Live Networks Live555 Streaming Media 2011.08.13 through 2013.11.25, as used in VideoLAN VLC Media Player, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a (1) space or (2) tab character at the beginning of an RTSP message, which triggers an integer underflow, infinite loop, and buffer overflow.
Overview
  • CVE ID
  • CVE-2013-6933
  • Assigner
  • cve@mitre.org
  • Vulnerability Status
  • Analyzed
  • Published Version
  • 2014-01-23T21:55:04
  • Last Modified Date
  • 2019-09-12T12:13:31
CPE Configuration (Product)
CPE Vulnerable Operator Version Start Version End
cpe:2.3:a:live555:streaming_media:2011-08-13:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:live555:streaming_media:2011-08-20:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:live555:streaming_media:2011-08-22:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:live555:streaming_media:2011-09-02:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:live555:streaming_media:2011-09-19:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:live555:streaming_media:2011-10-05:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:live555:streaming_media:2011-10-09:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:live555:streaming_media:2011-10-18:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:live555:streaming_media:2011-10-27:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:live555:streaming_media:2011-11-02:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:live555:streaming_media:2011-11-08:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:live555:streaming_media:2011-11-20:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:live555:streaming_media:2011-11-27:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:live555:streaming_media:2011-11-28:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:live555:streaming_media:2011-11-29:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:live555:streaming_media:2011-12-02:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:live555:streaming_media:2011-12-19:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:live555:streaming_media:2011-12-20:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:live555:streaming_media:2011-12-23:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:live555:streaming_media:2012-01-07:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:live555:streaming_media:2012-01-13:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:live555:streaming_media:2012-01-25:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:live555:streaming_media:2012-01-26:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:live555:streaming_media:2012-02-03:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:live555:streaming_media:2012-02-04:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:live555:streaming_media:2012-02-29:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:live555:streaming_media:2012-03-20:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:live555:streaming_media:2012-03-22:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:live555:streaming_media:2012-04-04:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:live555:streaming_media:2012-04-18:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:live555:streaming_media:2012-04-21:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:live555:streaming_media:2012-04-26:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:live555:streaming_media:2012-04-27:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:live555:streaming_media:2012-05-03:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:live555:streaming_media:2012-05-11:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:live555:streaming_media:2012-05-17:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:live555:streaming_media:2012-06-12:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:live555:streaming_media:2012-06-17:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:live555:streaming_media:2012-06-23:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:live555:streaming_media:2012-06-26:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:live555:streaming_media:2012-07-03:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:live555:streaming_media:2012-07-06:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:live555:streaming_media:2012-07-14:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:live555:streaming_media:2012-07-18:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:live555:streaming_media:2012-07-24:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:live555:streaming_media:2012-07-26:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:live555:streaming_media:2012-08-08:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:live555:streaming_media:2012-08-12:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:live555:streaming_media:2012-08-17:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:live555:streaming_media:2012-08-20:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:live555:streaming_media:2012-08-28:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:live555:streaming_media:2012-08-29:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:live555:streaming_media:2012-08-30:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:live555:streaming_media:2012-08-31:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:live555:streaming_media:2012-09-06:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:live555:streaming_media:2012-09-07:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:live555:streaming_media:2012-09-11:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:live555:streaming_media:2012-09-12:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:live555:streaming_media:2012-09-13:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:live555:streaming_media:2012-09-27:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:live555:streaming_media:2012-10-01:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:live555:streaming_media:2012-10-04:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:live555:streaming_media:2012-10-11:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:live555:streaming_media:2012-10-12:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:live555:streaming_media:2012-10-16:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:live555:streaming_media:2012-10-17:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:live555:streaming_media:2012-10-18:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:live555:streaming_media:2012-10-21:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:live555:streaming_media:2012-10-22:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:live555:streaming_media:2012-10-24:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:live555:streaming_media:2012-11-05:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:live555:streaming_media:2012-11-08:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:live555:streaming_media:2012-11-16:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:live555:streaming_media:2012-11-17:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:live555:streaming_media:2012-11-22:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:live555:streaming_media:2012-11-28:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:live555:streaming_media:2012-11-29:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:live555:streaming_media:2012-11-30:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:live555:streaming_media:2012-12-15:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:live555:streaming_media:2012-12-18:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:live555:streaming_media:2012-12-21:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:live555:streaming_media:2012-12-22:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:live555:streaming_media:2012-12-23:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:live555:streaming_media:2012-12-24:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:live555:streaming_media:2013-01-03:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:live555:streaming_media:2013-01-04:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:live555:streaming_media:2013-01-05:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:live555:streaming_media:2013-01-15:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:live555:streaming_media:2013-01-18:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:live555:streaming_media:2013-01-19:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:live555:streaming_media:2013-01-21:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:live555:streaming_media:2013-01-22:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:live555:streaming_media:2013-01-23:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:live555:streaming_media:2013-01-25:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:live555:streaming_media:2013-02-05:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:live555:streaming_media:2013-02-11:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:live555:streaming_media:2013-02-27:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:live555:streaming_media:2013-03-07:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:live555:streaming_media:2013-03-23:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:live555:streaming_media:2013-03-31:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:live555:streaming_media:2013-04-01:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:live555:streaming_media:2013-04-04:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:live555:streaming_media:2013-04-05:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:live555:streaming_media:2013-04-06:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:live555:streaming_media:2013-04-08:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:live555:streaming_media:2013-04-16:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:live555:streaming_media:2013-04-21:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:live555:streaming_media:2013-04-22:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:live555:streaming_media:2013-04-23:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:live555:streaming_media:2013-04-29:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:live555:streaming_media:2013-04-30:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:live555:streaming_media:2013-05-30:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:live555:streaming_media:2013-06-06:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:live555:streaming_media:2013-06-14:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:live555:streaming_media:2013-06-18:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:live555:streaming_media:2013-06-30:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:live555:streaming_media:2013-07-03:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:live555:streaming_media:2013-07-16:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:live555:streaming_media:2013-07-30:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:live555:streaming_media:2013-07-31:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:live555:streaming_media:2013-08-05:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:live555:streaming_media:2013-08-15:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:live555:streaming_media:2013-08-16:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:live555:streaming_media:2013-08-28:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:live555:streaming_media:2013-08-31:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:live555:streaming_media:2013-09-07:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:live555:streaming_media:2013-09-08:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:live555:streaming_media:2013-09-11:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:live555:streaming_media:2013-09-18:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:live555:streaming_media:2013-09-27:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:live555:streaming_media:2013-09-30:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:live555:streaming_media:2013-10-01:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:live555:streaming_media:2013-10-02:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:live555:streaming_media:2013-10-03:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:live555:streaming_media:2013-10-07:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:live555:streaming_media:2013-10-08:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:live555:streaming_media:2013-10-09:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:live555:streaming_media:2013-10-11:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:live555:streaming_media:2013-10-16:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:live555:streaming_media:2013-10-18:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:live555:streaming_media:2013-10-22:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:live555:streaming_media:2013-10-24:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:live555:streaming_media:2013-10-25:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:live555:streaming_media:2013-11-06:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:live555:streaming_media:2013-11-10:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:live555:streaming_media:2013-11-14:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:live555:streaming_media:2013-11-15:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:live555:streaming_media:2013-11-25:*:*:*:*:*:*:* 1 OR
CVSS Version 2
  • Version
  • 2.0
  • Vector String
  • AV:N/AC:L/Au:N/C:P/I:P/A:P
  • Access Vector
  • NETWORK
  • Access Compatibility
  • LOW
  • Authentication
  • NONE
  • Confidentiality Impact
  • PARTIAL
  • Integrity Impact
  • PARTIAL
  • Availability Impact
  • PARTIAL
  • Base Score
  • 7.5
  • Severity
  • HIGH
  • Exploitability Score
  • 10
  • Impact Score
  • 6.4
History
Created Old Value New Value Data Type Notes
2022-05-10 07:46:28 Added to TrackCVE
2022-12-01 21:40:23 2014-01-23T21:55Z 2014-01-23T21:55:04 CVE Published Date updated
2022-12-01 21:40:23 2019-09-12T12:13:31 CVE Modified Date updated
2022-12-01 21:40:23 Analyzed Vulnerability Status updated