Cypherpunks : Security Vulnerabilities, CVEs, Published In 2016 (Memory corruption)

CVE-2016-2851

Integer overflow in proto.c in libotr before 4.1.1 on 64-bit platforms allows remote attackers to cause a denial of service (memory corruption and application crash) or execute arbitrary code via a series of large OTR messages, which triggers a heap-based buffer overflow.
Max CVSS
9.8
EPSS Score
3.60%
Published
2016-04-07
Updated
2018-10-30

CVE-2015-8833

Use-after-free vulnerability in the create_smp_dialog function in gtk-dialog.c in the Off-the-Record Messaging (OTR) pidgin-otr plugin before 4.0.2 for Pidgin allows remote attackers to execute arbitrary code via vectors related to the "Authenticate buddy" menu item.
Max CVSS
10.0
EPSS Score
9.62%
Published
2016-04-12
Updated
2021-08-04
2 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close