Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Integer overflow in proto.c in libotr before 4.1.1 on 64-bit platforms allows remote attackers to cause a denial of service (memory corruption and application crash) or execute arbitrary code via a series of large OTR messages, which triggers a heap-based buffer overflow.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
libotr 整数溢出漏洞
Vulnerability Description
libotr是加拿大软件开发者Ian Goldberg和OTR开发团队的一个加密即时消息传递库(Off-the-Record,OTR),它可在即时通讯上发起私密对话,并提供加密、认证等功能。 基于64-bit平台的libotr 4.1.1之前版本中的proto.c文件中存在整数溢出漏洞。远程攻击者可通过发送一系列较大的OTR消息利用该漏洞造成拒绝服务(内存损坏和应用程序崩溃)或执行任意代码。
CVSS Information
N/A
Vulnerability Type
N/A