CVE-2016-7044 - log back

CVE-2016-7044 created at 25 Sep 2019 19:31:40
Severity
+ High
Remote
+ Remote
Type
+ Arbitrary code execution
Description
+ The unformat_24bit_color() function is called by format_send_to_gui() to decode 24bit color codes into their components. The pointer is advanced unconditionally without checking if a complete code was supplied. Thus, after the return of unformat_24bit_color(), ptr might be invalid and point out of the buffer.
References
+ https://irssi.org/security/irssi_sa_2016.txt
Notes
+ Required irssi to build with true-color support via --enable-true-color.