Vulnerabilities > Cisco > Libsrtp > 1.0.4
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2016-04-21 | CVE-2015-6360 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco products The encryption-processing feature in Cisco libSRTP before 1.5.3 allows remote attackers to cause a denial of service via crafted fields in SRTP packets, aka Bug ID CSCux00686. | 7.5 |
2014-01-16 | CVE-2013-2139 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products Buffer overflow in srtp.c in libsrtp in srtp 1.4.5 and earlier allows remote attackers to cause a denial of service (crash) via vectors related to a length inconsistency in the crypto_policy_set_from_profile_for_rtp and srtp_protect functions. | 2.6 |