PT-2025-48492 · Live555 · Live555 Streaming Media
Heng Zhang
·
Published
2025-12-01
·
Updated
2025-12-23
·
CVE-2025-65406
CVSS v3.1
6.5
Medium
| Vector | AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
Live555 Streaming Media version 2018.09.02
Description
A heap overflow exists in the
MatroskaFile::createRTPSinkForTrackNumber() function when processing crafted MKV files. This can lead to a Denial of Service (DoS). The issue affects the parsing of Matroska files and allows remote attackers to crash RTSP servers without requiring login credentials.Recommendations
Update to the latest Live555 Streaming Media version.
Block untrusted streams.
Exploit
Fix
DoS
Heap Based Buffer Overflow
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Live555 Streaming Media