Vulnerability Details : CVE-2016-2851
Integer overflow in proto.c in libotr before 4.1.1 on 64-bit platforms allows remote attackers to cause a denial of service (memory corruption and application crash) or execute arbitrary code via a series of large OTR messages, which triggers a heap-based buffer overflow.
Vulnerability category: Overflow, Memory Corruption, Execute code, Denial of service
Products affected by CVE-2016-2851
- cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
- cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
- cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*
- cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*
- cpe:2.3:a:cypherpunks:libotr:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2016-2851
- 3.28%: Probability of exploitation activity in the next 30 days
- ~ 91%: Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2016-2851
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
7.5 | HIGH | AV:N/AC:L/Au:N/C:P/I:P/A:P | 10.0 | 6.4 | NIST | |
9.8 | CRITICAL | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 | NIST | |
CWE ids for CVE-2016-2851
- The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data. Assigned by: nvd@nist.gov (Primary)
References for CVE-2016-2851
- http://www.securityfocus.com/archive/1/537745/100/0/threaded
  SecurityFocus (Third Party Advisory)
- http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00030.html
  [security-announce] openSUSE-SU-2016:0732-1: important: Security update (Vendor Advisory)
- http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00021.html
  [security-announce] openSUSE-SU-2016:0708-1: important: Security update (Mailing List)
- https://security.gentoo.org/glsa/201701-10
  libotr, Pidgin OTR: Remote execution of arbitrary code (GLSA 201701-10) — Gentoo security (Third Party Advisory)
- http://www.ubuntu.com/usn/USN-2926-1
  USN-2926-1: OTR vulnerability | Ubuntu security notices (Third Party Advisory)
- http://seclists.org/fulldisclosure/2016/Mar/21
  Full Disclosure: Advisory X41-2016-001: Memory Corruption Vulnerability in "libotr" (Exploit; Mailing List; Third Party Advisory)
- https://www.exploit-db.com/exploits/39550/
  libotr 4.1.0 - Memory Corruption (Third Party Advisory; VDB Entry)
- https://www.x41-dsec.de/lab/advisories/x41-2016-001-libotr/
  Advisory X41-2016-001: Memory Corruption Vulnerability in libotr | X41 D-SEC GmbH (Exploit)
- http://www.debian.org/security/2016/dsa-3512
  Debian -- Security Information -- DSA-3512-1 libotr (Third Party Advisory)
- https://lists.cypherpunks.ca/pipermail/otr-users/2016-March/002581.html
  [OTR-users] Security Advisory: upgrade to libotr 4.1.1 (Exploit)
- http://www.securityfocus.com/bid/84285
  Libotr CVE-2016-2851 Integer Overflow Vulnerability (Third Party Advisory; VDB Entry)