Wernerd : Security Vulnerabilities, CVEs, Published In 2013 (Code Execution)
Multiple stack-based buffer overflows in GNU ZRTPCPP before 3.2.0 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted ZRTP Hello packet to the (1) ZRtp::findBestSASType, (2) ZRtp::findBestAuthLen, (3) ZRtp::findBestCipher, (4) ZRtp::findBestHash, or (5) ZRtp::findBestPubKey functions.
Max CVSS
6.8
EPSS Score
2.55%
Published
2013-10-04
Updated
2018-01-09
Heap-based buffer overflow in the ZRtp::storeMsgTemp function in GNU ZRTPCPP before 3.2.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large packet.
Max CVSS
7.5
EPSS Score
12.06%
Published
2013-10-04
Updated
2018-01-09
2 vulnerabilities found