CVE-2017-9469

In Irssi before 1.0.3, when receiving certain incorrectly quoted DCC files, it tries to find the terminating quote one byte before the allocated memory. Thus, remote attackers might be able to cause a crash.
References
Link Resource
https://irssi.org/security/irssi_sa_2017_06.txt Patch Vendor Advisory
http://openwall.com/lists/oss-security/2017/06/06/4 Mailing List Patch Third Party Advisory
http://www.securityfocus.com/bid/99043 Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1038621 Third Party Advisory VDB Entry
http://www.debian.org/security/2017/dsa-3885 Third Party Advisory
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

cpe:2.3:a:irssi:irssi:*:*:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*

Information

Published : 2017-06-06 18:29

Updated : 2019-03-14 12:07


NVD link : CVE-2017-9469

Mitre link : CVE-2017-9469


JSON object : View

CWE
CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

Advertisement

dedicated server usa

Products Affected

debian

  • debian_linux

irssi

  • irssi