CVE-2017-5194

Published: 03/03/2017 Updated: 19/03/2019

CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10

CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9

VMScore: 445

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

Use-after-free vulnerability in Irssi prior to 0.8.21 allows remote malicious users to cause a denial of service (crash) via an invalid nick message.

Vulnerable Product	Search on Vulmon	Subscribe to Product
irssi irssi
debian debian linux 7.0

Several security issues were fixed in Irssi ...

Debian Bug report logs - #850403 irssi: CVE-2017-5193 CVE-2017-5194 CVE-2017-5195 CVE-2017-5196 Package: src:irssi; Maintainer for src:irssi is Rhonda D'Vine <rhonda@debianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Fri, 6 Jan 2017 06:33:02 UTC Severity: important Tags: fixed-upstream, patch, ...

A use after free vulnerability has been discovered when receiving an invalid nick message potentially leading to arbitrary code execution ...

CWE-416 https://irssi.org/security/irssi_sa_2017_01.txt http://www.openwall.com/lists/oss-security/2017/01/06/1 http://www.securityfocus.com/bid/95310 https://security.gentoo.org/glsa/201701-45 https://lists.debian.org/debian-lts-announce/2017/12/msg00022.html https://usn.ubuntu.com/3184-1/https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2017-5194

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect