
libzrtpcpp: multiple vulnerabilities

Package(s): libzrtpcpp CVE #(s): CVE-2013-2221 CVE-2013-2222 CVE-2013-2223
Created: July 16, 2013 Updated: September 25, 2013
Description: From the Red Hat bugzilla [1, 2, 3]:

A heap-based buffer overflow flaw was found in the way libzrtpcpp, a ZRTP support library for the GNU ccRTP stack, processed certain ZRTP packets (overly-large ZRTP packets of several types). A remote attacker could provide a specially-crafted ZRTP packet that, when processed in an application linked against libzrtpcpp, would lead to a crash of that application or, potentially, arbitrary code execution with the privileges of the user running that application. (CVE-2013-2221)

Multiple stack-based buffer overflows were found in the way libzrtpcpp, a ZRTP support library for the GNU ccRTP stack, processed certain ZRTP Hello packets (ZRTP Hello packets with an overly-large value in certain fields, including the count of public keys). A remote attacker could provide a specially-crafted ZRTP packet that, when processed in an application linked against libzrtpcpp, would lead to a crash of that application. (CVE-2013-2222)

Multiple information (heap memory content) exposure flaws were found in the way libzrtpcpp, a ZRTP support library for the GNU ccRTP stack, processed truncated ZRTP Ping packets. A remote attacker could provide a specially-crafted ZRTP Ping packet that, when processed in an application linked against libzrtpcpp, would potentially reveal sensitive information stored on the heap. (CVE-2013-2223)
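
As an added illustration, not libzrtpcpp's own code or ZRTP's real wire format, the constructed C parser below applies the three checks these flaws correspond to: the declared length of every packet must match the bytes received, the peer-supplied public-key count in a Hello is capped before it sizes a fixed-capacity table, and a Ping shorter than its fixed layout is rejected before any field is read. The toy layout, the constants and the `demo` helper are assumptions of this example.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>
/* Constructed toy layout, not libzrtpcpp's real wire format: header [0..1] =
 * declared total length (big-endian), [2] = message type; Hello: [3] = public-key
 * count, then count * PUBKEY_LEN key-id bytes; Ping: [3..10] = 8-byte endpoint hash. */
#define HDR_LEN 3
#define TYPE_HELLO 1
#define TYPE_PING 2
#define MAX_PUBKEYS 7   /* capacity of the fixed table in hello_t */
#define PUBKEY_LEN 4
#define PING_LEN (HDR_LEN + 8)
typedef struct { uint8_t count; uint8_t keys[MAX_PUBKEYS][PUBKEY_LEN]; } hello_t;
typedef struct { uint8_t endpoint_hash[8]; } ping_t;
/* The declared length must equal the bytes actually received, so no field
 * read below can run past the end of the buffer. */
static int check_header(const uint8_t *pkt, size_t len, uint8_t want_type)
{
    if (len < HDR_LEN) return -1;
    size_t declared = ((size_t)pkt[0] << 8) | pkt[1];
    return (declared == len && pkt[2] == want_type) ? 0 : -1;
}
/* Hello: the peer-supplied count is bounded by the table capacity and by the
 * bytes present before anything is copied into the fixed-size struct. */
int parse_hello(const uint8_t *pkt, size_t len, hello_t *out)
{
    if (check_header(pkt, len, TYPE_HELLO) != 0 || len < HDR_LEN + 1) return -1;
    uint8_t count = pkt[HDR_LEN];
    if (count > MAX_PUBKEYS) return -1;                               /* would overrun keys[] */
    if (len < HDR_LEN + 1 + (size_t)count * PUBKEY_LEN) return -1;   /* truncated body */
    out->count = count;
    memcpy(out->keys, pkt + HDR_LEN + 1, (size_t)count * PUBKEY_LEN);
    return 0;
}
/* Ping: a message shorter than its fixed size is rejected rather than read past
 * its end, which is how stale heap bytes would otherwise be echoed back. */
int parse_ping(const uint8_t *pkt, size_t len, ping_t *out)
{
    if (check_header(pkt, len, TYPE_PING) != 0 || len < PING_LEN) return -1;
    memcpy(out->endpoint_hash, pkt + HDR_LEN, 8);
    return 0;
}
/* Constructed sample packet (len <= 64) of the given type; returns the verdict. */
int demo(uint8_t type, uint8_t count, size_t len)
{
    uint8_t p[64] = {0, (uint8_t)len, type, count}; hello_t h; ping_t g;
    if (len > sizeof p) return -1;
    memset(p + HDR_LEN + 1, 'k', sizeof p - HDR_LEN - 1);
    return type == TYPE_HELLO ? parse_hello(p, len, &h) : parse_ping(p, len, &g);
}
```

A return of 0 means the packet was accepted; -1 means it was rejected before any out-of-bounds read or write could happen.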

Alerts:
Fedora FEDORA-2013-12479 2013-07-16
Fedora FEDORA-2013-13019 2013-07-24
Fedora FEDORA-2013-13018 2013-07-24
Gentoo 201309-13 2013-09-24


Copyright © 2013, Eklektix, Inc.