Use-After-Free Vulnerability in Live555 RTSP Server

Use-After-Free Vulnerability in Live555 RTSP Server

CVE-2021-38382 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Live555 through 1.08 does not handle Matroska and Ogg files properly. Sending two successive RTSP SETUP commands for the same track causes a Use-After-Free and daemon crash.

Learn more about our Web Application Penetration Testing UK.