Ziproxy is prone to multiple integer-overflow vulnerabilities because it fails to properly validate user-supplied data. Successful exploits may allow attackers to execute arbitrary code in the context of the application. Failed exploit attempts will likely result in denial-of-service conditions. Ziproxy 3.0 is vulnerable other versions may also be affected.
Updates are available. Please see the references for more information.
- Tcptrack Command Line Parsing Heap Based Buffer Overflow Vulnerability
- Microsoft Windows Media Player '.mpg' Buffer Overflow Vulnerability
- Firebird Relational Database CNCT Group Number Buffer Overflow Vulnerability (Win)
- SIP Express Router Register Buffer Overflow
- Ziproxy PNG Image Processing Buffer Overflow Vulnerability