5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
An out-of-bounds read vulnerability was discovered in Quassel-core, one
of the components of the distributed IRC client Quassel. An attacker can
send a crafted message that crash to component causing a denial of
services or disclosure of information from process memory.
For the stable distribution (wheezy), this problem has been fixed in
version 0.8.0-1+deb7u3.
For the unstable distribution (sid), this problem has been fixed in
version 0.10.0-2.1 (will be available soon).
We recommend that you upgrade your quassel packages.
CPE | Name | Operator | Version |
---|---|---|---|
quassel | eq | 0.8.0-1 | |
quassel | eq | 0.8.0-1+deb7u2 | |
quassel | eq | 0.8.0-1+deb7u1 |