Ziproxy Image Parsing Multiple Integer Overflow Vulnerabilities Network Vulnerability

Summary

Ziproxy is prone to multiple integer-overflow vulnerabilities because it fails to properly validate user-supplied data. Successful exploits may allow attackers to execute arbitrary code in the context of the application. Failed exploit attempts will likely result in denial-of-service conditions. Ziproxy 3.0 is vulnerable other versions may also be affected.

Solution

Updates are available. Please see the references for more information.

References

http://secunia.com/secunia_research/2010-75/
http://www.securityfocus.com/bid/40344
http://ziproxy.sourceforge.net/

Updated on 2015-03-25

Severity

Classification

CVE CVE-2010-1513
CVSS Base Score: 6.8
AV:N/AC:M/Au:N/C:P/I:P/A:P

Related Vulnerabilities

BigAnt IM Server 'USV' Request Buffer Overflow Vulnerability
Wireshark BER Dissector Stack Consumption Vulnerability (Mac OS X)
UnrealIRCd User Authentication Buffer Overflow Vulnerability
Terminal Server Client RDP File Processing BOF Vulnerabilities
VLC Media Player OGG Demuxer Buffer Overflow Vulnerability (Windows)

Take action and discover your vulnerabilities