VuXML: Irssi -- multiple vulnerabilities

Affected packages

irssi

0.8.21

Details

VuXML ID	3d6be69b-d365-11e6-a071-001e67f15f5a
Discovery	2017-01-03
Entry	2017-01-05
Modified	2017-01-15

VuXML ID

3d6be69b-d365-11e6-a071-001e67f15f5a

Discovery

2017-01-03

Entry

2017-01-05

Modified

2017-01-15

Irssi reports:

Five vulnerabilities have been located in Irssi

A NULL pointer dereference in the nickcmp function found by Joseph Bisch. (CWE-690)

Use after free when receiving invalid nick message (Issue #466, CWE-146)

Out of bounds read in certain incomplete control codes found by Joseph Bisch. (CWE-126)

Out of bounds read in certain incomplete character sequences found by Hanno Böck and independently by J. Bisch. (CWE-126)

Out of bounds read when Printing the value '%['. Found by Hanno Böck. (CWE-126)

These issues may result in denial of service (remote crash).

[source]

References

CVE Name

CVE-2017-5193

CVE Name

CVE-2017-5194

CVE Name

CVE-2017-5195

CVE Name

CVE-2017-5196

CVE Name

CVE-2017-5356

FreeBSD PR

ports/215800

URL

https://irssi.org/security/irssi_sa_2017_01.txt