libbzrtp 1.0.x < 1.0.4 - Man-in-the-Middle Spoofing via Missing HVI Check on DHPart2 Packet
The Bzrtp library (aka libbzrtp) 1.0.x before 1.0.4 allows man-in-the-middle attackers to conduct spoofing attacks by leveraging a missing HVI check on DHPart2 packet reception.