A pointer overflow flaw was found in ZeroMQ libzmq version 4.2.x and 4.3.x, prior to 4.3.1. An integer overflow allows an authenticated attacker to overwrite an arbitrary amount of bytes beyond the bounds of a buffer which can be leveraged to run arbitrary code on the target system. This allows the attacker to inject OS commands into a data structure located immediately after the problematic buffer. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.