RSS   Vulnerabilities for 'Irssi'   RSS

2019-08-29
 
CVE-2019-15717

CWE-416
 

 
Irssi 1.2.x before 1.2.2 has a use-after-free if the IRC server sends a double CAP.

 
2019-06-29
 
CVE-2019-13045

CWE-416
 

 
Irssi before 1.0.8, 1.1.x before 1.1.3, and 1.2.x before 1.2.1, when SASL is enabled, has a use after free when sending SASL login to the server.

 
2019-01-09
 
CVE-2019-5882

CWE-416
 

 
Irssi 1.1.x before 1.1.2 has a use after free when hidden lines are expired from the scroll buffer.

 
2018-02-15
 
CVE-2018-7054

CWE-416
 

 
An issue was discovered in Irssi before 1.0.7 and 1.1.x before 1.1.1. There is a use-after-free when a server is disconnected during netsplits. NOTE: this issue exists because of an incomplete fix for CVE-2017-7191.

 
 
CVE-2018-7053

CWE-416
 

 
An issue was discovered in Irssi before 1.0.7 and 1.1.x before 1.1.1. There is a use-after-free when SASL messages are received in an unexpected order.

 
 
CVE-2018-7052

CWE-476
 

 
An issue was discovered in Irssi before 1.0.7 and 1.1.x before 1.1.1. When the number of windows exceeds the available space, a crash due to a NULL pointer dereference would occur.

 
 
CVE-2018-7051

CWE-125
 

 
An issue was discovered in Irssi before 1.0.7 and 1.1.x before 1.1.1. Certain nick names could result in out-of-bounds access when printing theme strings.

 
 
CVE-2018-7050

CWE-476
 

 
An issue was discovered in Irssi before 1.0.7 and 1.1.x before 1.1.1. A NULL pointer dereference occurs for an "empty" nick.

 
2018-01-06
 
CVE-2018-5208

CWE-119
 

 
In Irssi before 1.0.6, a calculation error in the completion code could cause a heap buffer overflow when completing certain strings.

 
 
CVE-2018-5207

CWE-134
 

 
When using an incomplete variable argument, Irssi before 1.0.6 may access data beyond the end of the string.

 


Copyright 2019, cxsecurity.com

 

Back to Top