---

CVE-2017-10966 - log back

CVE-2017-10966 created at 25 Sep 2019 19:31:40
Severity	+ Critical
Remote	+ Remote
Type	+ Arbitrary code execution
Description	+ While updating the internal nick list, Irssi may incorrectly use the GHashTable interface and free the nick while updating it. This will then result in use-after-free conditions on each access of the hash table. Note that this should not happen with a conforming IRC server, so it requires control over the IRC server or a position of man-in-the-middle to be exploitable.
References	+ https://irssi.org/security/irssi_sa_2017_07.txt
Notes