Lilith Wyatt, a security researcher at Cisco Talos, has discovered a critical remote code execution vulnerability (CVE-2018-4013) in the LIVE555 media streaming library that is used by popular media players, including VLC and MPlayer.
The vulnerability affects the HTTP packet parsing functionality that analyzes HTTP headers for RTSP tunneling over HTTP.
“An exploitable code execution vulnerability exists in the HTTP packet-parsing functionality of the LIVE555 RTSP server library. A specially crafted packet can cause a stack-based buffer overflow, resulting in code execution. An attacker can send a packet to trigger this vulnerability.” reads the advisory published by Talos.
The CVE-2018-4013 flaw potentially exposes millions of users of media players to cyber attacks.
The flaw affects Live Networks LIVE555 Media Server, version 0.92 and likely the earlier version of the product, a security update has already been issued to address the vulnerability.
Users of vulnerable media players are recommended to update their installs to the latest version.
Experts released the following SNORT rules to detect attempts to exploit these vulnerabilities:
| [adrotate banner=”9″] | [adrotate banner=”12″] |
(Security Affairs – CVE-2018-4013 VLC RCE, hacking)
[adrotate banner=”5″]
[adrotate banner=”13″]
Security Affairs Malware newsletter includes a collection of the best articles and research on malware…
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles…
Chinese "kill switches" found in Chinese-made power inverters in US solar farm equipment that could…
FBI warns ex-officials are targeted with deepfake texts and AI voice messages impersonating senior U.S.…
Google warns that the cybercrime group Scattered Spider behind UK retailer attacks is now targeting…
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Google Chromium, DrayTek routers, and SAP NetWeaver…
This website uses cookies.
