Multiple buffer overflows in the RTSP_valid_response_msg function in RTSP_state_machine.c in LScube Feng 0.1.15 and earlier allow remote attackers to execute arbitrary code via (1) a long first line of a response, as demonstrated by a long VER line; or (2) a long second line of a response, as demonstrated by a message that follows a RETURN line.
|2008-01-03||CVE-2007-6627||Numeric Errors vulnerability in Feng 0.1.15||7.5|
|2008-01-03||CVE-2007-6630||Unspecified vulnerability in Feng 0.1.15||5.0|
|2008-01-03||CVE-2007-6628||Unspecified vulnerability in Feng 0.1.15||5.0|
|2008-01-03||CVE-2007-6629||Unspecified vulnerability in Feng 0.1.15||5.0|