libotr 4.1.0 Memory Corruption

Discussion in 'News Aggregator' started by Packet Storm, 11 Mar 2016.

  1. Packet Storm

    Packet Storm Guest

    A remote attacker may crash or execute arbitrary code in libotr by sending large OTR messages. While processing specially crafted messages, attacker controlled data on the heap is written out of bounds. No special user interaction or authorization is necessary in default configurations. libotr versions 4.1.0 and below are affected.

    Continue reading...
     

Share This Page

Loading...