CVE-2016-7044

Published: 27/09/2016 Updated: 30/07/2017
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9
VMScore: 445
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

Vulnerability Summary

The unformat_24bit_color function in the format parsing code in Irssi prior to 0.8.20, when compiled with true-color enabled, allows remote attackers to cause a denial of service (heap corruption and crash) via an incomplete 24bit color code.

Affected Products

Vendor | Product | Versions
Irssi | Irssi | 0.8.19
Canonical | Ubuntu Linux | 16.04
Debian | Debian Linux | 8.0

Vendor Advisories

Irssi could be made to crash if it received specially crafted network traffic ...
Gabriel Campana and Adrien Guinet from Quarkslab discovered two remotely exploitable crash and heap corruption vulnerabilities in the format parsing code in Irssi, a terminal based IRC client. For the stable distribution (jessie), these problems have been fixed in version 0.8.17-1+deb8u1. We recommend that you upgrade your irssi packages ...
The unformat_24bit_color function in the format parsing code in Irssi before 0.8.20, when compiled with true-color enabled, allows remote attackers to cause a denial of service (heap corruption and crash) via an incomplete 24bit color code ...
The unformat_24bit_color() function is called by format_send_to_gui() to decode 24bit color codes into their components. The pointer is advanced unconditionally without checking if a complete code was supplied. Thus, after the return of unformat_24bit_color(), ptr might be invalid and point out of the buffer ...
Oracle Solaris Third Party Bulletin - July 2018. Description: The Oracle Solaris Third Party Bulletin announces patches for one or more security vulnerabilities fixed in third party software that is included in Oracle Solaris distributions. Starting January 20, 2015, Third Party Bulletins are released on the same day when Oracle Critical P ...
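
The advisory excerpt on unformat_24bit_color() above says the pointer is advanced unconditionally, without checking that a complete code was supplied. The C sketch below is an added example, not Irssi's code: it models the cursor as an offset into a NUL-terminated buffer and contrasts the unchecked advance with a decoder that rejects an incomplete code. The 4-byte payload length (CODE_LEN), the sample buffers and all function names are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define CODE_LEN 4 /* assumption: payload bytes per colour code in this model */

/* Constructed sample buffers (NUL-terminated), not captured traffic. */
static const char COMPLETE[]  = "\x01\x10\x20\x30" "rest";
static const char TRUNCATED[] = "\x01\x10";

/* Pattern the advisory describes: the cursor moves past a whole code
 * whether or not the buffer actually holds one. */
static size_t advance_unchecked(size_t pos) { return pos + CODE_LEN; }

/* Hardened form: accept the code only if all CODE_LEN bytes come before
 * the terminator. Returns 1 and advances *pos; returns 0 and leaves *pos
 * unchanged on an incomplete code. Requires *pos <= strlen(buf). */
static int decode_checked(const char *buf, size_t *pos, unsigned char out[CODE_LEN])
{
    size_t i;
    for (i = 0; i < CODE_LEN; i++) {
        if (buf[*pos + i] == '\0')
            return 0; /* stop at the terminator, never read past it */
        out[i] = (unsigned char)buf[*pos + i];
    }
    *pos += CODE_LEN;
    return 1;
}

/* True when the cursor still lies inside the string (terminator included). */
static int in_bounds(const char *buf, size_t pos) { return pos <= strlen(buf); }

/* Cursor position after one checked decode attempt from offset 0. */
static size_t checked_end(const char *buf)
{
    unsigned char rgbx[CODE_LEN];
    size_t pos = 0;
    decode_checked(buf, &pos, rgbx);
    return pos;
}

int main(void)
{
    printf("unchecked, truncated: in_bounds=%d\n",
           in_bounds(TRUNCATED, advance_unchecked(0)));
    printf("checked, truncated: pos=%zu\n", checked_end(TRUNCATED));
    printf("checked, complete: pos=%zu\n", checked_end(COMPLETE));
    return 0;
}
```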