FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

libotr -- integer overflow

Affected packages
libotr < 4.1.1
0 <= libotr3

Details

VuXML ID c2b1652c-e647-11e5-85be-14dae9d210b8
Discovery 2016-02-17
Entry 2016-03-09
Modified 2016-03-09

X41 D-Sec reports:

A remote attacker may crash or execute arbitrary code in libotr by sending large OTR messages.

References

CVE Name CVE-2016-2851
URL https://www.x41-dsec.de/lab/advisories/x41-2016-001-libotr/