CVE-2016-7044 log

Source	CVE Red Hat MITRE NVD Debian Ubuntu SUSE Alpine Mageia CVE Details CIRCL Bugs Arch Linux Red Hat Gentoo SUSE GitHub Lists oss-security full-disclosure bugtraq Misc GitHub code web search
Severity	High
Remote	Yes
Type	Arbitrary code execution
Description	The unformat_24bit_color() function is called by format_send_to_gui() to decode 24bit color codes into their components. The pointer is advanced unconditionally without checking if a complete code was supplied. Thus, after the return of unformat_24bit_color(), ptr might be invalid and point out of the buffer.

Group	Package	Affected	Fixed	Severity	Status	Ticket
AVG-28	irssi	0.8.19-2		High	Not affected

References
https://irssi.org/security/irssi_sa_2016.txt

Notes
Required irssi to build with true-color support via --enable-true-color.