LIVE555 streaming media, developed and maintained by Live Networks, is a set of C++ libraries companies and application developers use to stream multimedia over open standard protocols like RTP/RTCP, RTSP or SIP.
The vulnerable library is internally being used by many well-known media software such as VLC and MPlayer, exposing their millions of users to cyber attacks.
The code execution vulnerability, tracked as CVE-2018-4013 and discovered by researcher Lilith Wyatt of Cisco Talos Intelligence Group, resides in the HTTP packet-parsing functionality of the LIVE555 RTSP, which parses HTTP headers for tunneling RTSP over HTTP.
“A specially crafted packet can cause a stack-based buffer overflow, resulting in code execution,” Cisco Talos’ security advisory says. “An attacker can send a packet to trigger this vulnerability.”
Cisco Talos team confirmed the vulnerability in Live Networks LIVE555 Media Server version 0.92, but the team believes the security issue may also be present in the earlier version of the product.
Cisco Talos responsibly reported the vulnerability to Live Networks on October 10 and publicly disclosed the security issue on October 18 after the vendor released security patches on October 17.