Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-6627

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2007-6627
Last Modified 07 Mar 2011 10:03:19
Published 03 Jan 2008 07:46:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2007-6627

Summary

Integer overflow in the RTSP_remove_msg function in RTSP_lowlevel.c in LScube Feng 0.1.15 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an RTP packet with a size value of 0xffff.

Vulnerable Systems

Application

  • Feng 0.1.15


References

VUPEN - ADV-2008-0011

BID - 27049

BUGTRAQ - 20071227 Multiple vulnerabilities in Feng 0.1.15

OSVDB - 40533

MISC - http://aluigi.org/poc/fengulo.zip

MISC - http://aluigi.altervista.org/adv/fengulo-adv.txt

SREASON - 3507

SECUNIA - 28229


Last Updated: 27 May 2016 10:46:34