AVG-127

Package irssi
Status Fixed
Severity High
Type multiple issues
Affected 0.8.20-1
Fixed 0.8.21-1
Current 1.1.1-1 [extra]
Ticket None
Created Sun Jan 8 19:10:53 2017
Issue Severity Remote Type Description
CVE-2017-5196 Medium Yes Denial of service
An out of bounds read has been discovered in certain incomplete character sequences leading to application crash.
CVE-2017-5195 Medium Yes Denial of service
An out of bounds read has been discovered in certain incomplete control codes leading to application crash.
CVE-2017-5194 High Yes Arbitrary code execution
A use after free vulnerability has been discovered when receiving an invalid nick message potentially leading to arbitrary code execution.
CVE-2017-5193 Medium Yes Denial of service
A NULL pointer dereference has been discovered in the nickcmp function leading to application crash.
Date Advisory Package Description
11 Jan 2017 ASA-201701-14 irssi multiple issues
References
https://irssi.org/security/irssi_sa_2017_01.txt
http://www.openwall.com/lists/oss-security/2017/01/05/2