ID CVE-2009-1959
Summary Off-by-one error in the event_wallops function in fe-common/irc/fe-events.c in irssi 0.8.13 allows remote IRC servers to cause a denial of service (crash) via an empty command, which triggers a one-byte buffer under-read and a one-byte buffer underflow.
References
Vulnerable Configurations
  • cpe:2.3:a:irssi:irssi:0.8.13:*:*:*:*:*:*:*
    cpe:2.3:a:irssi:irssi:0.8.13:*:*:*:*:*:*:*
CVSS
Base: 5.0 (as of 17-08-2017 - 01:30)
Impact:
Exploitability:
CWE CWE-189
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE PARTIAL
cvss-vector via4 AV:N/AC:L/Au:N/C:N/I:N/A:P
refmap via4
bid 35399
confirm
fedora FEDORA-2009-7012
mandriva MDVSA-2009:133
misc http://xorl.wordpress.com/2009/05/28/irssi-event_wallops-off-by-one-readwrite/
mlist [oss-security] 20090529 CVE Request (irssi)
sectrack 1022410
secunia
  • 35685
  • 35812
  • 36152
suse SUSE-SR:2009:012
ubuntu USN-800-1
vupen ADV-2009-1596
xf irssi-eventwallops-dos(51184)
Last major update 17-08-2017 - 01:30
Published 08-06-2009 - 01:00
Last modified 17-08-2017 - 01:30
Back to Top