Home

CVE-2017-9469

Description

In Irssi before 1.0.3, when receiving certain incorrectly quoted DCC files, it tries to find the terminating quote one byte before the allocated memory. Thus, remote attackers might be able to cause a crash.

Risk Information

Base Score
7.5
MODERATE
Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS Score
Exploitation Probability
2.189

Associated Vulnerability

VulnerabilityOS Platform
terminal based IRC client (USN-3317-1) irssi_0.8.15-5ubuntu3.2_i386.debLinux
terminal based IRC client (USN-3317-1) irssi_0.8.15-5ubuntu3.2_amd64.debLinux
terminal based IRC client (USN-3317-1) irssi_0.8.19-1ubuntu1.4_i386.debLinux
terminal based IRC client (USN-3317-1) irssi_0.8.19-1ubuntu1.4_amd64.debLinux
terminal based IRC client (USN-3317-1) irssi_0.8.19-1ubuntu2.2_i386.debLinux
terminal based IRC client (USN-3317-1) irssi_0.8.19-1ubuntu2.2_amd64.debLinux
terminal based IRC client (USN-3317-1) irssi_0.8.20-2ubuntu2.1_i386.debLinux
terminal based IRC client (USN-3317-1) irssi_0.8.20-2ubuntu2.1_amd64.debLinux
Irssi 0.8.15-5ubuntu3.2 for Ubuntu 14.04 LTS (x64) irssi_0.8.15-5ubuntu3.2_amd64.debLinux
Irssi 0.8.15-5ubuntu3.2 for Ubuntu 14.04 LTS irssi_0.8.15-5ubuntu3.2_i386.debLinux
Irssi 0.8.19-1ubuntu1.4 for Ubuntu 16.04 LTS (x64) irssi_0.8.19-1ubuntu1.4_amd64.debLinux
Irssi 0.8.19-1ubuntu1.4 for Ubuntu 16.04 LTS irssi_0.8.19-1ubuntu1.4_i386.debLinux
Irssi 0.8.19-1ubuntu2.2 for Ubuntu 16.10 (x64) irssi_0.8.19-1ubuntu2.2_amd64.debLinux
Irssi 0.8.19-1ubuntu2.2 for Ubuntu 16.10 irssi_0.8.19-1ubuntu2.2_i386.debLinux
Irssi 0.8.20-2ubuntu2.1 for Ubuntu 17.04 (x64) irssi_0.8.20-2ubuntu2.1_amd64.debLinux
Irssi 0.8.20-2ubuntu2.1 for Ubuntu 17.04 irssi_0.8.20-2ubuntu2.1_i386.debLinux
irssi security update(DSA-3885-1) irssi_0.8.17-1+deb8u4_i386.debLinux
irssi security update(DSA-3885-1) irssi_0.8.17-1+deb8u4_amd64.debLinux
irssi security update(DSA-3885-1) irssi_0.8.17-1+deb8u4_kfreebsd-i386.debLinux
irssi security update(DSA-3885-1) irssi_0.8.17-1+deb8u4_kfreebsd-amd64.debLinux

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234