1. CVE-Search
  2. CVE-2021-38382
ID CVE-2021-38382
Summary Live555 through 1.08 does not handle Matroska and Ogg files properly. Sending two successive RTSP SETUP commands for the same track causes a Use-After-Free and daemon crash.
References
Vulnerable Configurations
  • cpe:2.3:a:live555:live555:2020.06.22:*:*:*:*:*:*:*
    cpe:2.3:a:live555:live555:2020.06.22:*:*:*:*:*:*:*
  • cpe:2.3:a:live555:live555:2020.06.23:*:*:*:*:*:*:*
    cpe:2.3:a:live555:live555:2020.06.23:*:*:*:*:*:*:*
  • cpe:2.3:a:live555:live555:2020.06.25:*:*:*:*:*:*:*
    cpe:2.3:a:live555:live555:2020.06.25:*:*:*:*:*:*:*
  • cpe:2.3:a:live555:live555:2020.07.09:*:*:*:*:*:*:*
    cpe:2.3:a:live555:live555:2020.07.09:*:*:*:*:*:*:*
  • cpe:2.3:a:live555:live555:2020.07.21:*:*:*:*:*:*:*
    cpe:2.3:a:live555:live555:2020.07.21:*:*:*:*:*:*:*
  • cpe:2.3:a:live555:live555:2020.07.31:*:*:*:*:*:*:*
    cpe:2.3:a:live555:live555:2020.07.31:*:*:*:*:*:*:*
  • cpe:2.3:a:live555:live555:2020.08.05:*:*:*:*:*:*:*
    cpe:2.3:a:live555:live555:2020.08.05:*:*:*:*:*:*:*
  • cpe:2.3:a:live555:live555:2020.08.09:*:*:*:*:*:*:*
    cpe:2.3:a:live555:live555:2020.08.09:*:*:*:*:*:*:*
  • cpe:2.3:a:live555:live555:2020.08.10:*:*:*:*:*:*:*
    cpe:2.3:a:live555:live555:2020.08.10:*:*:*:*:*:*:*
  • cpe:2.3:a:live555:live555:2020.08.11:*:*:*:*:*:*:*
    cpe:2.3:a:live555:live555:2020.08.11:*:*:*:*:*:*:*
  • cpe:2.3:a:live555:live555:2020.08.12:*:*:*:*:*:*:*
    cpe:2.3:a:live555:live555:2020.08.12:*:*:*:*:*:*:*
  • cpe:2.3:a:live555:live555:2020.08.18:*:*:*:*:*:*:*
    cpe:2.3:a:live555:live555:2020.08.18:*:*:*:*:*:*:*
  • cpe:2.3:a:live555:live555:2020.08.19:*:*:*:*:*:*:*
    cpe:2.3:a:live555:live555:2020.08.19:*:*:*:*:*:*:*
  • cpe:2.3:a:live555:live555:2020.10.16:*:*:*:*:*:*:*
    cpe:2.3:a:live555:live555:2020.10.16:*:*:*:*:*:*:*
  • cpe:2.3:a:live555:live555:2020.11.03:*:*:*:*:*:*:*
    cpe:2.3:a:live555:live555:2020.11.03:*:*:*:*:*:*:*
  • cpe:2.3:a:live555:live555:2020.11.05:*:*:*:*:*:*:*
    cpe:2.3:a:live555:live555:2020.11.05:*:*:*:*:*:*:*
  • cpe:2.3:a:live555:live555:2020.11.19:*:*:*:*:*:*:*
    cpe:2.3:a:live555:live555:2020.11.19:*:*:*:*:*:*:*
  • cpe:2.3:a:live555:live555:2020.11.20:*:*:*:*:*:*:*
    cpe:2.3:a:live555:live555:2020.11.20:*:*:*:*:*:*:*
  • cpe:2.3:a:live555:live555:2020.11.21:*:*:*:*:*:*:*
    cpe:2.3:a:live555:live555:2020.11.21:*:*:*:*:*:*:*
  • cpe:2.3:a:live555:live555:2020.11.22:*:*:*:*:*:*:*
    cpe:2.3:a:live555:live555:2020.11.22:*:*:*:*:*:*:*
  • cpe:2.3:a:live555:live555:2020.11.25:*:*:*:*:*:*:*
    cpe:2.3:a:live555:live555:2020.11.25:*:*:*:*:*:*:*
  • cpe:2.3:a:live555:live555:2020.11.26:*:*:*:*:*:*:*
    cpe:2.3:a:live555:live555:2020.11.26:*:*:*:*:*:*:*
  • cpe:2.3:a:live555:live555:2020.11.27:*:*:*:*:*:*:*
    cpe:2.3:a:live555:live555:2020.11.27:*:*:*:*:*:*:*
  • cpe:2.3:a:live555:live555:2020.11.28:*:*:*:*:*:*:*
    cpe:2.3:a:live555:live555:2020.11.28:*:*:*:*:*:*:*
  • cpe:2.3:a:live555:live555:2020.11.29:*:*:*:*:*:*:*
    cpe:2.3:a:live555:live555:2020.11.29:*:*:*:*:*:*:*
  • cpe:2.3:a:live555:live555:2020.11.30:*:*:*:*:*:*:*
    cpe:2.3:a:live555:live555:2020.11.30:*:*:*:*:*:*:*
  • cpe:2.3:a:live555:live555:2020.12.01:*:*:*:*:*:*:*
    cpe:2.3:a:live555:live555:2020.12.01:*:*:*:*:*:*:*
  • cpe:2.3:a:live555:live555:2020.12.02:*:*:*:*:*:*:*
    cpe:2.3:a:live555:live555:2020.12.02:*:*:*:*:*:*:*
  • cpe:2.3:a:live555:live555:2020.12.03:*:*:*:*:*:*:*
    cpe:2.3:a:live555:live555:2020.12.03:*:*:*:*:*:*:*
  • cpe:2.3:a:live555:live555:2020.12.04:*:*:*:*:*:*:*
    cpe:2.3:a:live555:live555:2020.12.04:*:*:*:*:*:*:*
  • cpe:2.3:a:live555:live555:2020.12.05:*:*:*:*:*:*:*
    cpe:2.3:a:live555:live555:2020.12.05:*:*:*:*:*:*:*
  • cpe:2.3:a:live555:live555:2020.12.06:*:*:*:*:*:*:*
    cpe:2.3:a:live555:live555:2020.12.06:*:*:*:*:*:*:*
  • cpe:2.3:a:live555:live555:2020.12.07:*:*:*:*:*:*:*
    cpe:2.3:a:live555:live555:2020.12.07:*:*:*:*:*:*:*
  • cpe:2.3:a:live555:live555:2020.12.08:*:*:*:*:*:*:*
    cpe:2.3:a:live555:live555:2020.12.08:*:*:*:*:*:*:*
  • cpe:2.3:a:live555:live555:2020.12.09:*:*:*:*:*:*:*
    cpe:2.3:a:live555:live555:2020.12.09:*:*:*:*:*:*:*
  • cpe:2.3:a:live555:live555:2020.12.10:*:*:*:*:*:*:*
    cpe:2.3:a:live555:live555:2020.12.10:*:*:*:*:*:*:*
  • cpe:2.3:a:live555:live555:2020.12.11:*:*:*:*:*:*:*
    cpe:2.3:a:live555:live555:2020.12.11:*:*:*:*:*:*:*
  • cpe:2.3:a:live555:live555:2020.12.12:*:*:*:*:*:*:*
    cpe:2.3:a:live555:live555:2020.12.12:*:*:*:*:*:*:*
  • cpe:2.3:a:live555:live555:2020.12.13:*:*:*:*:*:*:*
    cpe:2.3:a:live555:live555:2020.12.13:*:*:*:*:*:*:*
  • cpe:2.3:a:live555:live555:2021.01.01:*:*:*:*:*:*:*
    cpe:2.3:a:live555:live555:2021.01.01:*:*:*:*:*:*:*
  • cpe:2.3:a:live555:live555:2021.01.09:*:*:*:*:*:*:*
    cpe:2.3:a:live555:live555:2021.01.09:*:*:*:*:*:*:*
  • cpe:2.3:a:live555:live555:2021.01.13:*:*:*:*:*:*:*
    cpe:2.3:a:live555:live555:2021.01.13:*:*:*:*:*:*:*
  • cpe:2.3:a:live555:live555:2021.01.14:*:*:*:*:*:*:*
    cpe:2.3:a:live555:live555:2021.01.14:*:*:*:*:*:*:*
  • cpe:2.3:a:live555:live555:2021.01.16:*:*:*:*:*:*:*
    cpe:2.3:a:live555:live555:2021.01.16:*:*:*:*:*:*:*
  • cpe:2.3:a:live555:live555:2021.01.17:*:*:*:*:*:*:*
    cpe:2.3:a:live555:live555:2021.01.17:*:*:*:*:*:*:*
  • cpe:2.3:a:live555:live555:2021.01.18:*:*:*:*:*:*:*
    cpe:2.3:a:live555:live555:2021.01.18:*:*:*:*:*:*:*
  • cpe:2.3:a:live555:live555:2021.01.20:*:*:*:*:*:*:*
    cpe:2.3:a:live555:live555:2021.01.20:*:*:*:*:*:*:*
  • cpe:2.3:a:live555:live555:2021.01.21:*:*:*:*:*:*:*
    cpe:2.3:a:live555:live555:2021.01.21:*:*:*:*:*:*:*
  • cpe:2.3:a:live555:live555:2021.01.28:*:*:*:*:*:*:*
    cpe:2.3:a:live555:live555:2021.01.28:*:*:*:*:*:*:*
  • cpe:2.3:a:live555:live555:2021.01.29:*:*:*:*:*:*:*
    cpe:2.3:a:live555:live555:2021.01.29:*:*:*:*:*:*:*
  • cpe:2.3:a:live555:live555:2021.02.05:*:*:*:*:*:*:*
    cpe:2.3:a:live555:live555:2021.02.05:*:*:*:*:*:*:*
  • cpe:2.3:a:live555:live555:2021.02.09:*:*:*:*:*:*:*
    cpe:2.3:a:live555:live555:2021.02.09:*:*:*:*:*:*:*
  • cpe:2.3:a:live555:live555:2021.02.10:*:*:*:*:*:*:*
    cpe:2.3:a:live555:live555:2021.02.10:*:*:*:*:*:*:*
  • cpe:2.3:a:live555:live555:2021.02.11:*:*:*:*:*:*:*
    cpe:2.3:a:live555:live555:2021.02.11:*:*:*:*:*:*:*
  • cpe:2.3:a:live555:live555:2021.03.15:*:*:*:*:*:*:*
    cpe:2.3:a:live555:live555:2021.03.15:*:*:*:*:*:*:*
  • cpe:2.3:a:live555:live555:2021.03.16:*:*:*:*:*:*:*
    cpe:2.3:a:live555:live555:2021.03.16:*:*:*:*:*:*:*
  • cpe:2.3:a:live555:live555:2021.03.17:*:*:*:*:*:*:*
    cpe:2.3:a:live555:live555:2021.03.17:*:*:*:*:*:*:*
  • cpe:2.3:a:live555:live555:2021.03.22:*:*:*:*:*:*:*
    cpe:2.3:a:live555:live555:2021.03.22:*:*:*:*:*:*:*
  • cpe:2.3:a:live555:live555:2021.04.05:*:*:*:*:*:*:*
    cpe:2.3:a:live555:live555:2021.04.05:*:*:*:*:*:*:*
  • cpe:2.3:a:live555:live555:2021.04.06:*:*:*:*:*:*:*
    cpe:2.3:a:live555:live555:2021.04.06:*:*:*:*:*:*:*
  • cpe:2.3:a:live555:live555:2021.05.03:*:*:*:*:*:*:*
    cpe:2.3:a:live555:live555:2021.05.03:*:*:*:*:*:*:*
  • cpe:2.3:a:live555:live555:2021.05.17:*:*:*:*:*:*:*
    cpe:2.3:a:live555:live555:2021.05.17:*:*:*:*:*:*:*
  • cpe:2.3:a:live555:live555:2021.05.22:*:*:*:*:*:*:*
    cpe:2.3:a:live555:live555:2021.05.22:*:*:*:*:*:*:*
  • cpe:2.3:a:live555:live555:2021.06.25:*:*:*:*:*:*:*
    cpe:2.3:a:live555:live555:2021.06.25:*:*:*:*:*:*:*
  • cpe:2.3:a:live555:live555:2021.06.29:*:*:*:*:*:*:*
    cpe:2.3:a:live555:live555:2021.06.29:*:*:*:*:*:*:*
  • cpe:2.3:a:live555:live555:2021.07.10:*:*:*:*:*:*:*
    cpe:2.3:a:live555:live555:2021.07.10:*:*:*:*:*:*:*
  • cpe:2.3:a:live555:live555:2021.07.20:*:*:*:*:*:*:*
    cpe:2.3:a:live555:live555:2021.07.20:*:*:*:*:*:*:*
CVSS
Base: 4.3 (as of 20-08-2021 - 13:37)
Impact:
Exploitability:
CWE CWE-416
CAPEC
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE PARTIAL
cvss-vector via4 AV:N/AC:M/Au:N/C:N/I:N/A:P
Last major update 20-08-2021 - 13:37
Published 10-08-2021 - 18:15
Last modified 20-08-2021 - 13:37
Back to Top