PT-2008-1590 · Lscube · Lscube Feng
Luigi Auriemma · Published 2008-01-04 · Updated 2018-10-15 · CVE-2007-6627
CVSS v2.0: 7.5 (High)
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Name of the Vulnerable Software and Affected Versions
LScube Feng versions 0.1.15 and earlier
Description
An integer overflow in the RTSP_remove_msg function can be triggered by a remote attacker who sends an RTP packet with a size value of 0xffff. This can cause a denial of service (crash) and potentially allow the execution of arbitrary code.
Recommendations
For versions 0.1.15 and earlier, consider disabling the RTSP_remove_msg function as a temporary workaround until a patch is available. Restrict access to the RTP packet handling module to minimize the risk of exploitation. Avoid using size values that could trigger the integer overflow in the affected function.
Affected Products
Lscube Feng