CVE-2017-9469

high

Description

In Irssi before 1.0.3, when receiving certain incorrectly quoted DCC files, it tries to find the terminating quote one byte before the allocated memory. Thus, remote attackers might be able to cause a crash.

References

https://irssi.org/security/irssi_sa_2017_06.txt

http://www.securitytracker.com/id/1038621

http://www.securityfocus.com/bid/99043

http://www.debian.org/security/2017/dsa-3885

http://openwall.com/lists/oss-security/2017/06/06/4

Details

Source: Mitre, NVD

Published: 2017-06-07

Updated: 2024-11-21

Risk Information

CVSS v2

Base Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P

Severity: Medium

CVSS v3

Base Score: 7.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Severity: High