Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
AfreecaTV streamer service stack-based buffer overflow
Vulnerability Description
The vulnerability function is enabled when the streamer service related to the AfreecaTV communicated through web socket using 21201 port. A stack-based buffer overflow leading to remote code execution was discovered in strcpy() operate by "FanTicket" field. It is because of stored data without validation of length.
CVSS Information
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
整数溢出或超界折返
Vulnerability Title
AfreecaTV 缓冲区错误漏洞
Vulnerability Description
AfreecaTV是韩国AfreecaTV公司的一种基于 P2P 技术的视频流服务。 AfreecaTV 相关的流媒体服务存在缓冲区错误漏洞,该漏洞源于存储的数据没有长度验证。在FanTicket字段的strcpy()操作中发现了基于堆栈的缓冲区溢出,导致远程代码执行。
CVSS Information
N/A
Vulnerability Type
N/A