Home

CVE-2016-7553

Description

The buf.pl script before 2.20 in Irssi before 0.8.20 uses weak permissions for the scrollbuffer dump file created between upgrades, which might allow local users to obtain sensitive information from private chat conversations by reading the file.

Risk Information

Base Score
3.3
MODERATE
Vector
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
EPSS Score
Exploitation Probability
0.084

Associated Vulnerability

VulnerabilityOS Platform
terminal based IRC client (USN-3086-1) irssi_0.8.19-1ubuntu1.3_i386.debLinux
terminal based IRC client (USN-3086-1) irssi_0.8.19-1ubuntu1.3_amd64.debLinux
terminal based IRC client (USN-3184-1) irssi_0.8.15-4ubuntu3.1_i386.debLinux
terminal based IRC client (USN-3184-1) irssi_0.8.15-4ubuntu3.1_amd64.debLinux
terminal based IRC client (USN-3184-1) irssi_0.8.15-5ubuntu3.1_i386.debLinux
terminal based IRC client (USN-3184-1) irssi_0.8.15-5ubuntu3.1_amd64.debLinux
terminal based IRC client (USN-3184-1) irssi_0.8.19-1ubuntu1.3_i386.debLinux
terminal based IRC client (USN-3184-1) irssi_0.8.19-1ubuntu1.3_amd64.debLinux
terminal based IRC client (USN-3184-1) irssi_0.8.19-1ubuntu2.1_i386.debLinux
terminal based IRC client (USN-3184-1) irssi_0.8.19-1ubuntu2.1_amd64.debLinux

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234