Lucene search
UbuntuUSN-1541-1HistoryAug 16, 2012 - 12:00 a.m.
libotr vulnerability
2012-08-1600:00:00
ubuntu.com
23
6.8 Medium
AI Score
Confidence
Low
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:N/A:P
0.036 Low
EPSS
Percentile
91.6%
Releases
- Ubuntu 12.04
- Ubuntu 11.10
- Ubuntu 11.04
- Ubuntu 10.04
Packages
- libotr - Off-the-Record Messaging library
Details
Justin Ferguson discovered multiple heap overflows in libotr. A remote
attacker could use this to craft a malformed OTR message that could
cause a denial of service via application crash or possibly execute
arbitrary code.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Ubuntu | 12.04 | noarch | libotr2 | < 3.2.0-4ubuntu0.1 | UNKNOWN |
| Ubuntu | 12.04 | noarch | libotr2-bin | < 3.2.0-4ubuntu0.1 | UNKNOWN |
| Ubuntu | 12.04 | noarch | libotr2-dev | < 3.2.0-4ubuntu0.1 | UNKNOWN |
| Ubuntu | 11.10 | noarch | libotr2 | < 3.2.0-2.1ubuntu0.1 | UNKNOWN |
| Ubuntu | 11.10 | noarch | libotr2-bin | < 3.2.0-2.1ubuntu0.1 | UNKNOWN |
| Ubuntu | 11.10 | noarch | libotr2-dev | < 3.2.0-2.1ubuntu0.1 | UNKNOWN |
| Ubuntu | 11.04 | noarch | libotr2 | < 3.2.0-2ubuntu1.1 | UNKNOWN |
| Ubuntu | 11.04 | noarch | libotr2-bin | < 3.2.0-2ubuntu1.1 | UNKNOWN |
| Ubuntu | 11.04 | noarch | libotr2-dev | < 3.2.0-2ubuntu1.1 | UNKNOWN |
| Ubuntu | 10.04 | noarch | libotr2 | < 3.2.0-2ubuntu0.1 | UNKNOWN |
References
Related
suse
suse
update for libotr (important)
2013-01-23 14:06:13
Security update for libotr (important)
2012-11-28 00:09:21
update for libotr (important)
2012-11-22 11:14:07
openvas
openvas
Ubuntu Update for libotr USN-1541-1
2012-08-17 00:00:00
SUSE: Security Advisory (SUSE-SU-2012:1578-1)
2021-06-09 00:00:00
Ubuntu: Security Advisory (USN-1541-1)
2012-08-17 00:00:00
nessus
nessus
Mandriva Linux Security Advisory : libotr (MDVSA-2013:097)
2013-04-20 00:00:00
SuSE 10 Security Update : libotr (ZYPP Patch Number 8377)
2012-11-28 00:00:00
openSUSE Security Update : libotr (openSUSE-SU-2012:1525-1)
2014-06-13 00:00:00
fedora
fedora
[SECURITY] Fedora 16 Update: libotr-3.2.1-1.fc16
2012-08-25 03:01:16
[SECURITY] Fedora 18 Update: libotr-3.2.1-1.fc18
2012-09-17 23:42:44
[SECURITY] Fedora 17 Update: libotr-3.2.1-1.fc17
2012-08-25 02:56:21
prion
prion
Heap overflow
2012-08-20 19:55:00
freebsd
freebsd
libotr -- buffer overflows
2012-07-27 00:00:00
osv
osv
libotr - buffer overflow
2012-08-12 00:00:00
ubuntucve
ubuntucve
CVE-2012-3461
2012-08-10 00:00:00
debiancve
debiancve
CVE-2012-3461
2012-08-20 19:55:00
cve
cve
CVE-2012-3461
2012-08-20 19:55:00
securityvulns
securityvulns
[USN-1541-1] libotr vulnerability
2012-08-20 00:00:00
libotr multiple buffer overflows
2012-08-20 00:00:00
debian
debian
[SECURITY] [DSA 2526-1] libotr security update
2012-08-12 18:43:04
gentoo
gentoo
libotr: Arbitrary code execution
2013-09-15 00:00:00
6.8 Medium
AI Score
Confidence
Low
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:N/A:P
0.036 Low
EPSS
Percentile
91.6%
Related for USN-1541-1