wernerd/ZRTPCPP

wernerd/ZRTPCPP

Releases35

Frequency2 months 4 weeks

Last Release over 6 years ago

Stars120

C++ Implementation of ZRTP protocol - GNU ZRTP C++

Log in to subscribe

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2013-2221 ↗	Oct 4, 2013Friday, 4 October 2013, 17:55	—	7.5 HIGH
Heap-based buffer overflow in the ZRtp::storeMsgTemp function in GNU ZRTPCPP before 3.2.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large packet.
CVE-2013-2222 ↗	Oct 4, 2013Friday, 4 October 2013, 17:55	—	6.8 MEDIUM
Multiple stack-based buffer overflows in GNU ZRTPCPP before 3.2.0 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted ZRTP Hello packet to the (1) ZRtp::findBestSASType, (2) ZRtp::findBestAuthLen, (3) ZRtp::findBestCipher, (4) ZRtp::findBestHash, or (5) ZRtp::findBestPubKey functions.
CVE-2013-2223 ↗	Oct 4, 2013Friday, 4 October 2013, 17:55	—	5.8 MEDIUM
GNU ZRTPCPP before 3.2.0 allows remote attackers to obtain sensitive information (uninitialized heap memory) or cause a denial of service (out-of-bounds read) via a crafted packet, as demonstrated by a truncated Ping packet that is not properly handled by the getEpHash function.