Zero-friction vulnerability management platform

Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.

Install Now

Available for macOS, Windows, and Linux

App screenshot

TVMOBiLi Media Server HTTP Request Multiple BOF Vulnerabilities

Information

Severity

Severity

Medium

Family

Family

Denial of Service

CVSSv2 Base

CVSSv2 Base

5.0

CVSSv2 Vector

CVSSv2 Vector

AV:N/AC:L/Au:N/C:N/I:N/A:P

Solution Type

Solution Type

Vendor Patch

Created

Created

9 years ago

Modified

Modified

3 years ago

Summary

This host is running TVMOBiLi Media Server and is prone to multiple buffer overflow vulnerabilities.

Insight

Insight

Improper handling of URI length within the 'HttpUtils.dll' dynamic-link library. A remote attacker can send a specially crafted HTTP GET request of 161, 257, 255 or HTTP HEAD request of 255, 257 or 260 characters long to 30888/TCP port and cause a stack-based buffer overrun that will crash tvMobiliService service.

Affected Software

Affected Software

TVMOBiLi Media Server version 2.1.0.3557 and prior

Solution

Solution

Update to TVMOBiLi Media Server 2.1.3974 or later.

Common Vulnerabilities and Exposures (CVE)