| Title | Irssi におけるバッファエラーの脆弱性 |
|---|---|
| Summary | Irssi には、バッファエラーの脆弱性が存在します。 |
| Possible impacts | サービス運用妨害 (DoS) 状態にされる可能性があります。 |
| Solution | ベンダ情報および参考情報を参照して適切な対策を実施してください。 |
| Publication Date | June 6, 2017, midnight |
| Registration Date | July 4, 2017, 4:28 p.m. |
| Last Update | July 4, 2017, 4:28 p.m. |
| CVSS3.0 : 重要 | |
| Score | 7.5 |
|---|---|
| Vector | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
| CVSS2.0 : 警告 | |
| Score | 5 |
|---|---|
| Vector | AV:N/AC:L/Au:N/C:N/I:N/A:P |
| Irssi |
| Irssi 1.0.3 未満 |
| No | Changed Details | Date of change |
|---|---|---|
| 0 | [2017年07月04日] 掲載 |
Feb. 17, 2018, 10:37 a.m. |
| Summary | In Irssi before 1.0.3, when receiving certain incorrectly quoted DCC files, it tries to find the terminating quote one byte before the allocated memory. Thus, remote attackers might be able to cause a crash. |
|---|---|
| Publication Date | June 7, 2017, 10:29 a.m. |
| Registration Date | Jan. 26, 2021, 1:31 p.m. |
| Last Update | Nov. 21, 2024, 12:36 p.m. |
| Configuration1 | or higher | or less | more than | less than | |
| cpe:2.3:a:irssi:irssi:*:*:*:*:*:*:*:* | 1.0.2 | ||||
| Configuration2 | or higher | or less | more than | less than | |
| cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:* | |||||
| cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:* | |||||