Total
3 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2013-2221 | 1 Wernerd | 1 Zrtpcpp | 2024-02-04 | 7.5 HIGH | N/A |
Heap-based buffer overflow in the ZRtp::storeMsgTemp function in GNU ZRTPCPP before 3.2.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large packet. | |||||
CVE-2013-2223 | 1 Wernerd | 1 Zrtpcpp | 2024-02-04 | 5.8 MEDIUM | N/A |
GNU ZRTPCPP before 3.2.0 allows remote attackers to obtain sensitive information (uninitialized heap memory) or cause a denial of service (out-of-bounds read) via a crafted packet, as demonstrated by a truncated Ping packet that is not properly handled by the getEpHash function. | |||||
CVE-2013-2222 | 1 Wernerd | 1 Zrtpcpp | 2024-02-04 | 6.8 MEDIUM | N/A |
Multiple stack-based buffer overflows in GNU ZRTPCPP before 3.2.0 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted ZRTP Hello packet to the (1) ZRtp::findBestSASType, (2) ZRtp::findBestAuthLen, (3) ZRtp::findBestCipher, (4) ZRtp::findBestHash, or (5) ZRtp::findBestPubKey functions. |