3 matches found
CVE-2013-2221
CVE-2013-2221 affects GNU ZRTPP: heap-based overflow in ZRtp::storeMsgTemp prior to 3.2.0 can cause remote DoS and may enable code execution via a large packet. Public docs confirm affected component (GNU ZRTPP) and the vulnerable version boundary (before 3.2.0). Remediation is version upgrade: o...
CVE-2013-2223
CVE-2013-2223 affects GNU ZRTPP (libzrtpcpp) prior to 3.2.0. A crafted remote packet can trigger an out-of-bounds read via the getEpHash function in a truncated Ping, potentially leaking uninitialized heap memory or causing a denial of service. The vulnerability is triggered by processing network...
CVE-2013-2222
GNU ZRTPPP (libzrtpcpp) contains multiple stack-based buffer overflows in the ZRTP implementation. Before version 3.2.0, a crafted ZRTP Hello packet can trigger overflows in the following internal routines: ZRtp::findBestSASType, ZRtp::findBestAuthLen, ZRtp::findBestCipher, ZRtp::findBestHash, an...