CVE-2013-2221

Published: Oct 4, 2013

Modified: Aug 6, 2024

PUBLISHED

Description

Heap-based buffer overflow in the ZRtp::storeMsgTemp function in GNU ZRTPCPP before 3.2.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large packet.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

openSUSE-SU-2013:1600

vendor-advisory

x_refsource_SUSE

https://github.com/wernerd/ZRTPCPP/commit/4654f330317c9948bb61d138eb24d49690ca4637

x_refsource_CONFIRM

http://blog.azimuthsecurity.com/2013/06/attacking-crypto-phones-weaknesses-in.html

x_refsource_MISC

54998

third-party-advisory

x_refsource_SECUNIA

openSUSE-SU-2013:1599

vendor-advisory

x_refsource_SUSE

GLSA-201309-13

vendor-advisory

x_refsource_GENTOO

[oss-security] 20130630 Re: CVE request: Multiple issues in GNU ZRTPCPP

mailing-list

x_refsource_MLIST

53818

third-party-advisory

x_refsource_SECUNIA

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2013-2221

Description

Affected Products

References