Ziproxy Image Parsing Multiple Integer Overflow Vulnerabilities Network Vulnerability

Summary

Ziproxy is prone to multiple integer-overflow vulnerabilities because it fails to properly validate user-supplied data. Successful exploits may allow attackers to execute arbitrary code in the context of the application. Failed exploit attempts will likely result in denial-of-service conditions. Ziproxy 3.0 is vulnerable other versions may also be affected.

Solution

Updates are available. Please see the references for more information.

References

http://secunia.com/secunia_research/2010-75/
http://www.securityfocus.com/bid/40344
http://ziproxy.sourceforge.net/

Updated on 2015-03-25

Severity

Classification

CVE CVE-2010-1513

CVSS	Base Score: 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P

Related Vulnerabilities

IrfanView JPEG-2000 Plugin Remote Stack Based Buffer Overflow Vulnerability
UnrealIRCd Buffer Overflow Vulnerability
Novell iManager jclient 'EnteredAttrName' Buffer Overflow Vulnerability
VLC Media Player Stack Overflow Vulnerability (Lin-Mar09)
Gabset Media Player Classic Integer Overflow Vulnerability

Take action and discover your vulnerabilities