Skip to main content

Libotr

2 CVEs product

Monthly

CVE-2016-2851 CRITICAL POC THREAT Emergency

Integer overflow in proto.c in libotr before 4.1.1 on 64-bit platforms allows remote attackers to cause a denial of service (memory corruption and application crash) or execute arbitrary code via a. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 23.1%.

Denial Of Service RCE Buffer Overflow Debian Linux Leap +2
NVD Exploit-DB
CVSS 3.0
9.8
EPSS
23.1%
Threat
4.2
CVE-2012-3461 MEDIUM This Month

The (1) otrl_base64_otr_decode function in src/b64.c; (2) otrl_proto_data_read_flags and (3) otrl_proto_accept_data functions in src/proto.c; and (4) decode function in toolkit/parse.c in libotr. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Buffer Overflow Denial Of Service Libotr
NVD
CVSS 2.0
4.3
EPSS
3.2%
EPSS 23% 4.2 CVSS 9.8
CRITICAL POC THREAT Emergency

Integer overflow in proto.c in libotr before 4.1.1 on 64-bit platforms allows remote attackers to cause a denial of service (memory corruption and application crash) or execute arbitrary code via a. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 23.1%.

Denial Of Service RCE Buffer Overflow +4
NVD Exploit-DB
EPSS 3% CVSS 4.3
MEDIUM This Month

The (1) otrl_base64_otr_decode function in src/b64.c; (2) otrl_proto_data_read_flags and (3) otrl_proto_accept_data functions in src/proto.c; and (4) decode function in toolkit/parse.c in libotr. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Buffer Overflow Denial Of Service Libotr
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy