Vulnerabilities > CVE-2019-7732 - Memory Leak vulnerability in Live555 Streaming Media 0.95

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

HIGH

network

low complexity

live555

CWE-401

NVD

Published: 2019-02-11

Updated: 2020-08-24

Summary

In Live555 0.95, a setup packet can cause a memory leak leading to DoS because, when there are multiple instances of a single field (username, realm, nonce, uri, or response), only the last instance can ever be freed.

Vulnerable Configurations

Part	Description	Count
Application	Live555 Live555 Streaming Media 0.95	1

Common Weakness Enumeration (CWE)

CWE-401 - Improper Release of Memory Before Removing Last Reference ('Memory Leak')

References

https://github.com/rgaufman/live555/issues/20