CVE-2007-6630

Name of the Vulnerable Software and Affected Versions Netembryo version 0.0.4

Description The issue allows remote attackers to cause a denial of service, resulting in a daemon crash, by sending a malformed URI containing a "/:" sequence. This can be achieved with a request such as "DESCRIBE /: RTSP/1.0", which exploits the Url init function in utils/url.c.

Recommendations For Netembryo version 0.0.4, consider restricting access to the Url init function in utils/url.c until a patch is available. As a temporary workaround, avoid using the "/:" sequence in URI requests to minimize the risk of exploitation.