MidnightBSD

Advisories for bzrtp_project

CVE-2016-6271 MEDIUM

The Bzrtp library (aka libbzrtp) 1.0.x before 1.0.4 allows man-in-the-middle attackers to conduct spoofing attacks by leveraging a missing HVI check on DHPart2 packet reception.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-254,

Products Affected

Vendor Product Version
bzrtp_project bzrtp 1.0.3
bzrtp_project bzrtp 1.0.2
bzrtp_project bzrtp 1.0.0