CVE-2016-2851

Опубликовано: 07 апр. 2016

Источник: ubuntu

Приоритет: medium

CVSS2: 7.5

CVSS3: 9.8

Описание

Integer overflow in proto.c in libotr before 4.1.1 on 64-bit platforms allows remote attackers to cause a denial of service (memory corruption and application crash) or execute arbitrary code via a series of large OTR messages, which triggers a heap-based buffer overflow.

Релиз	Статус	Примечание
devel	released	0.6.3-4.2ubuntu1
esm-infra-legacy/trusty	DNE	trusty/esm was DNE [trusty was released [4.0.0-2.2ubuntu1.1]]
precise	released	3.2.0-4ubuntu0.3
trusty	released	4.0.0-2.2ubuntu1.1
trusty/esm	DNE	trusty was released [4.0.0-2.2ubuntu1.1]
upstream	released	4.1.1
vivid/stable-phone-overlay	DNE
vivid/ubuntu-core	DNE
wily	released	4.1.0-2ubuntu0.1

Показывать по

Ссылки на источники

7.5 High

CVSS2

9.8 Critical

CVSS3

Связанные уязвимости

CVE-2016-2851

CVSS3: 9.8

nvd

почти 10 лет назад

CVE-2016-2851

CVSS3: 9.8

debian

почти 10 лет назад

Integer overflow in proto.c in libotr before 4.1.1 on 64-bit platforms ...

openSUSE-SU-2016:0708-1

suse-cvrf

почти 10 лет назад

Security update for libotr,libotr2

SUSE-SU-2016:0707-1

suse-cvrf

почти 10 лет назад

Security update for libotr

SUSE-SU-2016:0706-1

suse-cvrf

почти 10 лет назад

Security update for libotr

7.5 High

CVSS2

9.8 Critical

CVSS3

CVE-2016-2851

Описание

Пакет libotr

Ссылки на источники

Связанные уязвимости