Gzob Qq

**Name of the Vulnerable Software and Affected Versions** c-ares versions 1.x before 1.12.0 **Description** The issue is related to a heap-based buffer overflow in the `ares create query` function, which can be triggered by a remote attacker using a hostname with an escaped trailing dot. This can lead to a denial of service due to an out-of-bounds write or potentially allow the execution of arbitrary code. **Recommendations** For versions prior to 1.12.0, update to version 1.12.0 or later to resolve the issue. As a temporary workaround, consider restricting the use of hostnames with escaped trailing dots to minimize the risk of exploitation.