Summary
Ziproxy is prone to multiple integer-overflow vulnerabilities because it fails to properly validate user-supplied data.
Successful exploits may allow attackers to execute arbitrary code in the context of the application. Failed exploit attempts will likely result in denial-of-service conditions.
Ziproxy 3.0 is vulnerable; other versions may also be affected.
Solution
Updates are available. Please see the references for more information.
References
Severity
Classification
- CVE: CVE-2010-1513
- CVSS Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)
Related Vulnerabilities
- BigAnt IM Server 'USV' Request Buffer Overflow Vulnerability
- Wireshark BER Dissector Stack Consumption Vulnerability (Mac OS X)
- UnrealIRCd User Authentication Buffer Overflow Vulnerability
- Terminal Server Client RDP File Processing BOF Vulnerabilities
- VLC Media Player OGG Demuxer Buffer Overflow Vulnerability (Windows)