VYPR

Feng

by Feng

CVEs (5)

  • CVE-2007-6630Jan 4, 2008
    risk 0.03cvss epss 0.03

    The Url_init function in utils/url.c in Netembryo 0.0.4, when used by LScube Feng, allows remote attackers to cause a denial of service (NULL dereference and daemon crash) via a malformed URI containing a "/:" sequence, as demonstrated by a "DESCRIBE /: RTSP/1.0" request.

  • CVE-2007-6629Jan 4, 2008
    risk 0.00cvss epss 0.02

    Interpretation conflict in LScube Feng 0.1.15 and earlier allows remote attackers to cause a denial of service (NULL dereference and daemon crash) via a User-Agent header line that contains a carriage-return character, which is considered a line delimiter when the header is…

  • CVE-2007-6628Jan 4, 2008
    risk 0.00cvss epss 0.02

    LScube Feng 0.1.15 and earlier allows remote attackers to cause a denial of service (NULL dereference and daemon crash) via (1) a malformed Transport header, which triggers misparsing in parse_transport_header in RTSP_setup.c, as demonstrated by a Transport header that contains…

  • CVE-2007-6626Jan 4, 2008
    risk 0.00cvss epss 0.04

    Multiple buffer overflows in the RTSP_valid_response_msg function in RTSP_state_machine.c in LScube Feng 0.1.15 and earlier allow remote attackers to execute arbitrary code via (1) a long first line of a response, as demonstrated by a long VER line; or (2) a long second line of…

  • CVE-2007-6627Jan 4, 2008
    risk 0.00cvss epss 0.04

    Integer overflow in the RTSP_remove_msg function in RTSP_lowlevel.c in LScube Feng 0.1.15 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an RTP packet with a size value of 0xffff.