Critical severity9.8NVD Advisory· Published Oct 19, 2018· Updated Jun 17, 2026
CVE-2018-4013
CVE-2018-4013
Description
An exploitable code execution vulnerability exists in the HTTP packet-parsing functionality of the LIVE555 RTSP server library version 0.92. A specially crafted packet can cause a stack-based buffer overflow, resulting in code execution. An attacker can send a packet to trigger this vulnerability.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
4- Range: =0.92
- osv-coords2 versionspkg:rpm/opensuse/live555&distro=openSUSE%20Leap%2015.0pkg:rpm/suse/live555&distro=SUSE%20Package%20Hub%2015
< 2018.12.14-bp150.3.3.1+ 1 more
- (no CPE)range: < 2018.12.14-bp150.3.3.1
- (no CPE)range: < 2018.12.14-bp150.3.3.1
- Range: Version 0.92
Patches
Vulnerability mechanics
References
5- talosintelligence.com/vulnerability_reports/TALOS-2018-0684nvdExploitThird Party Advisory
- lists.live555.com/pipermail/live-devel/2018-October/021071.htmlnvdMailing ListThird Party Advisory
- lists.debian.org/debian-lts-announce/2018/11/msg00020.htmlnvdMailing ListThird Party Advisory
- security.gentoo.org/glsa/202005-06nvdThird Party Advisory
- www.debian.org/security/2018/dsa-4343nvdThird Party Advisory
News mentions
0No linked articles in our index yet.