CVE Reference: CVE-2013-2221

NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE:
CVE-2013-2221

Description:
Heap-based buffer overflow in the ZRtp::storeMsgTemp function in GNU ZRTPCPP before 3.2.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large packet.

CVE Status:
Candidate

References:

SAID
  Secunia Advisory: SA53818
  Secunia Advisory: SA54998

MLIST
  http://seclists.org/oss-sec/2013/q2/638

MISC
  http://blog.azimuthsecurity.com/2013/06/attacking-crypto-phones-weaknesses-in.html

GENTOO
  http://security.gentoo.org/glsa/glsa-201309-13.xml

CONFIRM


Return to the previous page.