Ziproxy is prone to multiple integer-overflow vulnerabilities because it fails to properly validate user-supplied data. Successful exploits may allow attackers to execute arbitrary code in the context of the application. Failed exploit attempts will likely result in denial-of-service conditions. Ziproxy 3.0 is vulnerable other versions may also be affected.
Updates are available. Please see the references for more information.
- XnView JPEG2000 Plugin Buffer Overflow Vulnerability (Win)
- Dnsmasq TFTP Service multiple vulnerabilities
- Microsoft Windows Media Player '.mpg' Buffer Overflow Vulnerability
- Novell File Reporter 'SRS' Tag Arbitrary File Deletion Vulnerability
- IrfanView JPEG-2000 Plugin Remote Stack Based Buffer Overflow Vulnerability