BarnOwl prior to 1.6.2 does not check the return code of calls to the (1) ZPending and (2) ZReceiveNotice functions in libzephyr, which allows remote malicious users to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
barnowl barnowl 1.0.2 |
||
barnowl barnowl 1.0.1 |
||
barnowl barnowl 1.0.3 |
||
barnowl barnowl 1.0.2.1 |
||
barnowl barnowl 1.5 |
||
barnowl barnowl 1.0.4 |
||
barnowl barnowl 1.0.4.1 |
||
barnowl barnowl |
||
barnowl barnowl 1.5.1 |
||
barnowl barnowl 1.3 |
||
barnowl barnowl 1.4 |
||
barnowl barnowl 1.1.1 |
||
barnowl barnowl 1.2 |
||
barnowl barnowl 1.6 |
||
barnowl barnowl 1.0.0 |
||
barnowl barnowl 1.2.1 |
||
barnowl barnowl 1.0.5 |
||
barnowl barnowl 1.1 |