CVE-2016-7044

Published: 27/09/2016 Updated: 30/07/2017
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9
VMScore: 445
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

Vulnerability Summary

The unformat_24bit_color function in the format parsing code in Irssi prior to 0.8.20, when compiled with true-color enabled, allows remote malicious users to cause a denial of service (heap corruption and crash) via an incomplete 24bit color code.

Vulnerable Product

irssi irssi

debian debian linux 8.0

canonical ubuntu linux 16.04

Vendor Advisories

Irssi could be made to crash if it received specially crafted network traffic ...
Gabriel Campana and Adrien Guinet from Quarkslab discovered two remotely exploitable crash and heap corruption vulnerabilities in the format parsing code in Irssi, a terminal based IRC client. For the stable distribution (jessie), these problems have been fixed in version 0.8.17-1+deb8u1. We recommend that you upgrade your irssi packages ...
The unformat_24bit_color function in the format parsing code in Irssi before 0.8.20, when compiled with true-color enabled, allows remote attackers to cause a denial of service (heap corruption and crash) via an incomplete 24bit color code ...
The unformat_24bit_color() function is called by format_send_to_gui() to decode 24bit color codes into their components. The pointer is advanced unconditionally without checking if a complete code was supplied. Thus, after the return of unformat_24bit_color(), ptr might be invalid and point out of the buffer ...
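
The bug class described above, as an added example that is not Irssi's code: a decoder that advances its cursor only after confirming the whole color code is present, next to the unconditional advance. The marker byte, the 4-byte payload layout and all function names are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define COLOR24_MARKER 0x01  /* hypothetical marker byte, not Irssi's value */
#define COLOR24_LEN    4u    /* hypothetical payload: flags, r, g, b */

/* Flawed shape: the cursor moves past the payload whether or not it exists. */
static size_t advance_unchecked(size_t pos) { return pos + COLOR24_LEN; }

/* Hardened shape: advance only if the whole payload lies inside the buffer.
 * Returns 1 and fills rgb[] on success; returns 0 and leaves *pos untouched. */
static int decode_checked(const unsigned char *buf, size_t len,
                          size_t *pos, unsigned char rgb[3])
{
    if (*pos > len || len - *pos < COLOR24_LEN)
        return 0;
    memcpy(rgb, buf + *pos + 1, 3);   /* skip the flags byte */
    *pos += COLOR24_LEN;
    return 1;
}

/* Walk a line; return the number of complete color codes, or -1 if the
 * line ends in a truncated code. *end receives the final cursor. */
static int scan_line(const unsigned char *buf, size_t len, size_t *end)
{
    size_t pos = 0;
    int codes = 0;
    unsigned char rgb[3];
    while (pos < len) {
        if (buf[pos++] != COLOR24_MARKER)
            continue;                 /* ordinary text byte */
        if (!decode_checked(buf, len, &pos, rgb)) {
            codes = -1;               /* incomplete code: stop in bounds */
            break;
        }
        codes++;
    }
    *end = pos;
    return codes;
}

int main(void)
{
    /* Constructed sample: text followed by a code cut off after two bytes. */
    const unsigned char cut[] = { 'h', 'i', COLOR24_MARKER, 0x20, 0xff };
    size_t end;
    int n = scan_line(cut, sizeof cut, &end);
    printf("checked: result=%d cursor=%zu len=%zu; unchecked cursor: %zu\n",
           n, end, sizeof cut, advance_unchecked(end));
    return 0;
}
```

The unchecked variant is shown only as index arithmetic so the overrun is visible as a cursor greater than the buffer length without any out-of-bounds access.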