CVE-2019-15232

Live555 before 2019.08.16 has a Use-After-Free because GenericMediaServer::createNewClientSessionWithId can generate the same client session ID in succession, which is mishandled by the MPEG1or2 and Matroska file demultiplexors.
References
Link Resource
http://www.live555.com/liveMedia/public/changelog.txt Release Notes Vendor Advisory
https://security.gentoo.org/glsa/202005-06 Third Party Advisory
Configurations

Configuration 1 (hide)

cpe:2.3:a:live555:streaming_media:*:*:*:*:*:*:*:*

History

29 Mar 2023, 16:23

Type Values Removed Values Added
References (GENTOO) https://security.gentoo.org/glsa/202005-06 - (GENTOO) https://security.gentoo.org/glsa/202005-06 - Third Party Advisory

Information

Published : 2019-08-20 00:15

Updated : 2023-12-10 12:59


NVD link : CVE-2019-15232

Mitre link : CVE-2019-15232

CVE.ORG link : CVE-2019-15232


JSON object : View

Products Affected

live555

  • streaming_media
CWE
CWE-416

Use After Free