Irssi -- multiple vulnerabilities

2017-01-03T00:00:00
ID 3D6BE69B-D365-11E6-A071-001E67F15F5A
Type freebsd
Reporter FreeBSD
Modified 2017-01-15T00:00:00

Description

Irssi reports:

Five vulnerabilities have been located in Irssi

A NULL pointer dereference in the nickcmp function found by Joseph Bisch. (CWE-690) Use after free when receiving invalid nick message (Issue #466, CWE-146) Out of bounds read in certain incomplete control codes found by Joseph Bisch. (CWE-126) Out of bounds read in certain incomplete character sequences found by Hanno Böck and independently by J. Bisch. (CWE-126) Out of bounds read when Printing the value '%['. Found by Hanno Böck. (CWE-126)

These issues may result in denial of service (remote crash).