CVE-2012-3461

Published: Aug 20, 2012Modified: Apr 29, 2026

4.3

Vector

AV:N/AC:M/Au:N/C:N/I:N/A:P

Exploitability: 8.6 / Impact: 2.9

Source: NVD

Description

The (1) otrl_base64_otr_decode function in src/b64.c; (2) otrl_proto_data_read_flags and (3) otrl_proto_accept_data functions in src/proto.c; and (4) decode function in toolkit/parse.c in libotr before 3.2.1 allocates a zero-length buffer when decoding a base64 string, which allows remote attackers to cause a denial of service (application crash) via a message with the value "?OTR:===.", which triggers a heap-based buffer overflow.

Affected (2)

Products: Cypherpunks: Libotr

1 product

Configuration A

2 vulnerable

Vulnerable Software	Affected Versions
Cypherpunks Libotr	Up to 3.2.0
Cypherpunks Libotr	Version 3.1.0

Related CWEs

Improper Restriction of Operations within the Bounds of a Memory Buffer

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

References (32)

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=684121

Source: secalert@redhat.com

http://lists.cypherpunks.ca/pipermail/otr-dev/2012-July/001347.html

Source: secalert@redhat.com

http://lists.cypherpunks.ca/pipermail/otr-dev/2012-July/001348.html

Source: secalert@redhat.com

http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00016.html

Source: secalert@redhat.com

http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00019.html

Source: secalert@redhat.com

http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00019.html

Source: secalert@redhat.com

http://otr.git.sourceforge.net/git/gitweb.cgi?p=otr/libotr%3Ba=commitdiff%3Bh=1902baee5d4b056850274ed0fa8c2409f1187435

Source: secalert@redhat.com

http://otr.git.sourceforge.net/git/gitweb.cgi?p=otr/libotr%3Ba=commitdiff%3Bh=6d4ca89cf1d3c9a8aff696c3a846ac5a51f762c1

Source: secalert@redhat.com

http://otr.git.sourceforge.net/git/gitweb.cgi?p=otr/libotr%3Ba=commitdiff%3Bh=b17232f86f8e60d0d22caf9a2400494d3c77da58

Source: secalert@redhat.com

http://www.debian.org/security/2012/dsa-2526

Source: secalert@redhat.com

http://www.mandriva.com/security/advisories?name=MDVSA-2012:131

Source: secalert@redhat.com

http://www.mandriva.com/security/advisories?name=MDVSA-2013:097

Source: secalert@redhat.com

http://www.securityfocus.com/bid/54907

Source: secalert@redhat.com

http://www.ubuntu.com/usn/USN-1541-1

Source: secalert@redhat.com

https://bugzilla.redhat.com/show_bug.cgi?id=846377

Source: secalert@redhat.com

https://exchange.xforce.ibmcloud.com/vulnerabilities/77528

Source: secalert@redhat.com

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=684121

Source: af854a3a-2127-422b-91ae-364da2661108

http://lists.cypherpunks.ca/pipermail/otr-dev/2012-July/001347.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://lists.cypherpunks.ca/pipermail/otr-dev/2012-July/001348.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00016.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00019.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00019.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://otr.git.sourceforge.net/git/gitweb.cgi?p=otr/libotr%3Ba=commitdiff%3Bh=1902baee5d4b056850274ed0fa8c2409f1187435

Source: af854a3a-2127-422b-91ae-364da2661108

http://otr.git.sourceforge.net/git/gitweb.cgi?p=otr/libotr%3Ba=commitdiff%3Bh=6d4ca89cf1d3c9a8aff696c3a846ac5a51f762c1

Source: af854a3a-2127-422b-91ae-364da2661108

http://otr.git.sourceforge.net/git/gitweb.cgi?p=otr/libotr%3Ba=commitdiff%3Bh=b17232f86f8e60d0d22caf9a2400494d3c77da58

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.debian.org/security/2012/dsa-2526

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.mandriva.com/security/advisories?name=MDVSA-2012:131

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.mandriva.com/security/advisories?name=MDVSA-2013:097

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/54907

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.ubuntu.com/usn/USN-1541-1

Source: af854a3a-2127-422b-91ae-364da2661108

https://bugzilla.redhat.com/show_bug.cgi?id=846377

Source: af854a3a-2127-422b-91ae-364da2661108

https://exchange.xforce.ibmcloud.com/vulnerabilities/77528

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.