diff options
| author | Ailin Nemui <ailin@z30a.localdomain> | 2017-01-06 09:21:55 +0100 |
|---|---|---|
| committer | Ailin Nemui <ailin@z30a.localdomain> | 2017-01-06 09:21:55 +0100 |
| commit | a7cab32a3fbd2b222dbb7c817c79e5d00216267b (patch) | |
| tree | fd6bac96599c0d80f6c516302896b6ba04d06b53 | |
| parent | 53bacf4d225a6f8e041e007f6bd498da9c57a03c (diff) | |
| download | irssi.github.io-a7cab32a3fbd2b222dbb7c817c79e5d00216267b.zip | |
add cves
| -rw-r--r-- | security/irssi_sa_2017_01.txt | 14 |
1 files changed, 13 insertions, 1 deletions
diff --git a/security/irssi_sa_2017_01.txt b/security/irssi_sa_2017_01.txt index d8e6850..17dcb6e 100644 --- a/security/irssi_sa_2017_01.txt +++ b/security/irssi_sa_2017_01.txt @@ -1,6 +1,6 @@ Multiple vulnerabilities in Irssi [1] ===================================== - +CVE-2017-5193, CVE-2017-5194, CVE-2017-5195, CVE-2017-5196 Description ----------- @@ -10,14 +10,22 @@ Four vulnerabilities have been located in Irssi. (a) A NULL pointer dereference in the nickcmp function found by Joseph Bisch. (CWE-690) + CVE-2017-5193 [2] was assigned to this bug + (b) Use after free when receiving invalid nick message (Issue #466, CWE-146) + CVE-2017-5194 [3] was assigned to this bug + (c) Out of bounds read in certain incomplete control codes found by Joseph Bisch. (CWE-126) + CVE-2017-5195 [4] was assigned to this bug + (d) Out of bounds read in certain incomplete character sequences found by Hanno Böck and independently by J. Bisch. (CWE-126) + CVE-2017-5196 [5] was assigned to this bug + Impact ------ @@ -99,3 +107,7 @@ References ---------- [1] https://irssi.org/security/irssi_sa_2017_01.txt +[2] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5193 +[3] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5194 +[4] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5195 +[5] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5196 |