CVE-2017-10966 log
| Source |
|
| Severity | Critical |
| Remote | Yes |
| Type | Arbitrary code execution |
| Description | While updating the internal nick list, Irssi may incorrectly use the GHashTable interface and free the nick while updating it. This will then result in use-after-free conditions on each access of the hash table. Note that this should not happen with a conforming IRC server, so it requires control over the IRC server or a position of man-in-the-middle to be exploitable. |
| Group | Package | Affected | Fixed | Severity | Status | Ticket |
|---|---|---|---|---|---|---|
| AVG-342 | irssi | 1.0.3-1 | 1.0.4-1 | Critical | Fixed |
| Date | Advisory | Group | Package | Severity | Type |
|---|---|---|---|---|---|
| 13 Jul 2017 | ASA-201707-13 | AVG-342 | irssi | Critical | denial of service |
| References |
|---|
https://irssi.org/security/irssi_sa_2017_07.txt |