Overview: 1 vulnerability

WSA CVE Score Severity Issue Vulnerability type Scope Versions Fix Release date
WSA-2012-1 CVE-2012-5854 7.5
Crash when decoding IRC colors. Out-of-bounds write IRC 0.3.6 → 0.3.9 0.3.9.1

WSA-2012-1: [IRC] Crash when decoding IRC colors.

Vulnerability
CVE
CVE-2012-5854 [ MITRE / NVD ]
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H (detail)
CVSS score
7.5 / 10
Severity
high
Vulnerability type
Out-of-bounds write (detail)
Scope
IRC
Affected versions
0.3.6 → 0.3.9
Fixed version
0.3.9.1 () - ChangeLog
Tracker
bug #37704
Commits
Commit
Description
A buffer overflow happens when decoding some IRC colors in strings.
Mitigation
Turn of handling of colors in incoming IRC messages: 

/set irc.network.colors_receive off

GitHub Mastodon Diaspora Twitter

Copyright © 2003-2024 Sébastien HelleuAbout WeeChat.org — Theme: dark (light)