WeeChat prior to 1.7.1 allows a remote crash by sending a filename via DCC to the IRC plugin. This occurs in the irc_ctcp_dcc_filename_without_quotes function during quote removal, with a buffer overflow.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
weechat weechat |
||
debian debian linux 8.0 |