1. CVE-Search
  2. CVE-2016-10189
ID CVE-2016-10189
Summary BitlBee before 3.5 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) and possibly execute arbitrary code via a file transfer request for a contact that is not in the contact list.
References
Vulnerable Configurations
  • cpe:2.3:a:bitlbee:bitlbee:0.71:*:*:*:*:*:*:*
    cpe:2.3:a:bitlbee:bitlbee:0.71:*:*:*:*:*:*:*
  • cpe:2.3:a:bitlbee:bitlbee:0.72:*:*:*:*:*:*:*
    cpe:2.3:a:bitlbee:bitlbee:0.72:*:*:*:*:*:*:*
  • cpe:2.3:a:bitlbee:bitlbee:0.73:*:*:*:*:*:*:*
    cpe:2.3:a:bitlbee:bitlbee:0.73:*:*:*:*:*:*:*
  • cpe:2.3:a:bitlbee:bitlbee:0.74:*:*:*:*:*:*:*
    cpe:2.3:a:bitlbee:bitlbee:0.74:*:*:*:*:*:*:*
  • cpe:2.3:a:bitlbee:bitlbee:0.74a:*:*:*:*:*:*:*
    cpe:2.3:a:bitlbee:bitlbee:0.74a:*:*:*:*:*:*:*
  • cpe:2.3:a:bitlbee:bitlbee:0.80:*:*:*:*:*:*:*
    cpe:2.3:a:bitlbee:bitlbee:0.80:*:*:*:*:*:*:*
  • cpe:2.3:a:bitlbee:bitlbee:0.81:*:*:*:*:*:*:*
    cpe:2.3:a:bitlbee:bitlbee:0.81:*:*:*:*:*:*:*
  • cpe:2.3:a:bitlbee:bitlbee:0.81a:*:*:*:*:*:*:*
    cpe:2.3:a:bitlbee:bitlbee:0.81a:*:*:*:*:*:*:*
  • cpe:2.3:a:bitlbee:bitlbee:0.82:*:*:*:*:*:*:*
    cpe:2.3:a:bitlbee:bitlbee:0.82:*:*:*:*:*:*:*
  • cpe:2.3:a:bitlbee:bitlbee:0.83:*:*:*:*:*:*:*
    cpe:2.3:a:bitlbee:bitlbee:0.83:*:*:*:*:*:*:*
  • cpe:2.3:a:bitlbee:bitlbee:0.84:*:*:*:*:*:*:*
    cpe:2.3:a:bitlbee:bitlbee:0.84:*:*:*:*:*:*:*
  • cpe:2.3:a:bitlbee:bitlbee:0.85:*:*:*:*:*:*:*
    cpe:2.3:a:bitlbee:bitlbee:0.85:*:*:*:*:*:*:*
  • cpe:2.3:a:bitlbee:bitlbee:0.85a:*:*:*:*:*:*:*
    cpe:2.3:a:bitlbee:bitlbee:0.85a:*:*:*:*:*:*:*
  • cpe:2.3:a:bitlbee:bitlbee:0.90:*:*:*:*:*:*:*
    cpe:2.3:a:bitlbee:bitlbee:0.90:*:*:*:*:*:*:*
  • cpe:2.3:a:bitlbee:bitlbee:0.90a:*:*:*:*:*:*:*
    cpe:2.3:a:bitlbee:bitlbee:0.90a:*:*:*:*:*:*:*
  • cpe:2.3:a:bitlbee:bitlbee:0.91:*:*:*:*:*:*:*
    cpe:2.3:a:bitlbee:bitlbee:0.91:*:*:*:*:*:*:*
  • cpe:2.3:a:bitlbee:bitlbee:0.92:*:*:*:*:*:*:*
    cpe:2.3:a:bitlbee:bitlbee:0.92:*:*:*:*:*:*:*
  • cpe:2.3:a:bitlbee:bitlbee:0.93:*:*:*:*:*:*:*
    cpe:2.3:a:bitlbee:bitlbee:0.93:*:*:*:*:*:*:*
  • cpe:2.3:a:bitlbee:bitlbee:0.99:*:*:*:*:*:*:*
    cpe:2.3:a:bitlbee:bitlbee:0.99:*:*:*:*:*:*:*
  • cpe:2.3:a:bitlbee:bitlbee:1.0:*:*:*:*:*:*:*
    cpe:2.3:a:bitlbee:bitlbee:1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:bitlbee:bitlbee:1.0.1:*:*:*:*:*:*:*
    cpe:2.3:a:bitlbee:bitlbee:1.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:bitlbee:bitlbee:1.0.2:*:*:*:*:*:*:*
    cpe:2.3:a:bitlbee:bitlbee:1.0.2:*:*:*:*:*:*:*
  • cpe:2.3:a:bitlbee:bitlbee:1.0.3:*:*:*:*:*:*:*
    cpe:2.3:a:bitlbee:bitlbee:1.0.3:*:*:*:*:*:*:*
  • cpe:2.3:a:bitlbee:bitlbee:1.0.4:*:*:*:*:*:*:*
    cpe:2.3:a:bitlbee:bitlbee:1.0.4:*:*:*:*:*:*:*
  • cpe:2.3:a:bitlbee:bitlbee:1.2:*:*:*:*:*:*:*
    cpe:2.3:a:bitlbee:bitlbee:1.2:*:*:*:*:*:*:*
  • cpe:2.3:a:bitlbee:bitlbee:1.2.1:*:*:*:*:*:*:*
    cpe:2.3:a:bitlbee:bitlbee:1.2.1:*:*:*:*:*:*:*
  • cpe:2.3:a:bitlbee:bitlbee:1.2.2:*:*:*:*:*:*:*
    cpe:2.3:a:bitlbee:bitlbee:1.2.2:*:*:*:*:*:*:*
  • cpe:2.3:a:bitlbee:bitlbee:1.2.3:*:*:*:*:*:*:*
    cpe:2.3:a:bitlbee:bitlbee:1.2.3:*:*:*:*:*:*:*
  • cpe:2.3:a:bitlbee:bitlbee:1.2.4:*:*:*:*:*:*:*
    cpe:2.3:a:bitlbee:bitlbee:1.2.4:*:*:*:*:*:*:*
  • cpe:2.3:a:bitlbee:bitlbee:1.2.5:*:*:*:*:*:*:*
    cpe:2.3:a:bitlbee:bitlbee:1.2.5:*:*:*:*:*:*:*
  • cpe:2.3:a:bitlbee:bitlbee:1.2.6:*:*:*:*:*:*:*
    cpe:2.3:a:bitlbee:bitlbee:1.2.6:*:*:*:*:*:*:*
  • cpe:2.3:a:bitlbee:bitlbee:1.2.6a:*:*:*:*:*:*:*
    cpe:2.3:a:bitlbee:bitlbee:1.2.6a:*:*:*:*:*:*:*
  • cpe:2.3:a:bitlbee:bitlbee:1.2.7:*:*:*:*:*:*:*
    cpe:2.3:a:bitlbee:bitlbee:1.2.7:*:*:*:*:*:*:*
  • cpe:2.3:a:bitlbee:bitlbee:1.2.8:*:*:*:*:*:*:*
    cpe:2.3:a:bitlbee:bitlbee:1.2.8:*:*:*:*:*:*:*
  • cpe:2.3:a:bitlbee:bitlbee:3.0:*:*:*:*:*:*:*
    cpe:2.3:a:bitlbee:bitlbee:3.0:*:*:*:*:*:*:*
  • cpe:2.3:a:bitlbee:bitlbee:3.0.1:*:*:*:*:*:*:*
    cpe:2.3:a:bitlbee:bitlbee:3.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:bitlbee:bitlbee:3.0.2:*:*:*:*:*:*:*
    cpe:2.3:a:bitlbee:bitlbee:3.0.2:*:*:*:*:*:*:*
  • cpe:2.3:a:bitlbee:bitlbee:3.0.3:*:*:*:*:*:*:*
    cpe:2.3:a:bitlbee:bitlbee:3.0.3:*:*:*:*:*:*:*
  • cpe:2.3:a:bitlbee:bitlbee:3.0.4:*:*:*:*:*:*:*
    cpe:2.3:a:bitlbee:bitlbee:3.0.4:*:*:*:*:*:*:*
  • cpe:2.3:a:bitlbee:bitlbee:3.0.5:*:*:*:*:*:*:*
    cpe:2.3:a:bitlbee:bitlbee:3.0.5:*:*:*:*:*:*:*
  • cpe:2.3:a:bitlbee:bitlbee:3.0.6:*:*:*:*:*:*:*
    cpe:2.3:a:bitlbee:bitlbee:3.0.6:*:*:*:*:*:*:*
  • cpe:2.3:a:bitlbee:bitlbee:3.2:*:*:*:*:*:*:*
    cpe:2.3:a:bitlbee:bitlbee:3.2:*:*:*:*:*:*:*
  • cpe:2.3:a:bitlbee:bitlbee:3.2.1:*:*:*:*:*:*:*
    cpe:2.3:a:bitlbee:bitlbee:3.2.1:*:*:*:*:*:*:*
  • cpe:2.3:a:bitlbee:bitlbee:3.2.2:*:*:*:*:*:*:*
    cpe:2.3:a:bitlbee:bitlbee:3.2.2:*:*:*:*:*:*:*
  • cpe:2.3:a:bitlbee:bitlbee:3.4:*:*:*:*:*:*:*
    cpe:2.3:a:bitlbee:bitlbee:3.4:*:*:*:*:*:*:*
  • cpe:2.3:a:bitlbee:bitlbee:3.4.1:*:*:*:*:*:*:*
    cpe:2.3:a:bitlbee:bitlbee:3.4.1:*:*:*:*:*:*:*
  • cpe:2.3:a:bitlbee:bitlbee:3.4.2:*:*:*:*:*:*:*
    cpe:2.3:a:bitlbee:bitlbee:3.4.2:*:*:*:*:*:*:*
  • cpe:2.3:a:bitlbee:bitlbee-libpurple:*:*:*:*:*:*:*:*
    cpe:2.3:a:bitlbee:bitlbee-libpurple:*:*:*:*:*:*:*:*
CVSS
Base: 5.0 (as of 04-11-2017 - 01:29)
Impact:
Exploitability:
CWE CWE-476
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE PARTIAL
cvss-vector via4 AV:N/AC:L/Au:N/C:N/I:N/A:P
refmap via4
bid 95931
confirm
debian DSA-3853
mlist
  • [oss-security] 20170130 CVE Request - Remote DoS vulnerabilities in BitlBee
  • [oss-security] 20170131 Re: CVE Request - Remote DoS vulnerabilities in BitlBee
Last major update 04-11-2017 - 01:29
Published 14-03-2017 - 14:59
Last modified 04-11-2017 - 01:29
Back to Top