gteissier/CVE-2016-6271

Releases0

Stars5

Proof of concept for ZRTP man-in-the-middle

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2016-6271 ↗	Jan 18, 2017Wednesday, 18 January 2017, 22:59	—	5 MEDIUM
The Bzrtp library (aka libbzrtp) 1.0.x before 1.0.4 allows man-in-the-middle attackers to conduct spoofing attacks by leveraging a missing HVI check on DHPart2 packet reception.