SUSE CVE-2016-2087

🗓️ 15 Feb 2023 05:06:47Reported by Suse CVEType

susecve

susecve🔗 www.suse.com👁 1 Views

SUSE CVE-2016-2087: HexChat 2.11.0 client allows reading or modifying files via dot dot in the server name.

Reporter	Title	Published	Views	Family All 19
0day.today	Hexchat IRC Client 2.11.0 - Directory Traversal	4 Apr 201600:00	–	zdt
CNVD	Hexchat IRC Client Directory Traversal Vulnerability	6 Apr 201600:00	–	cnvd
CVE	CVE-2016-2087	18 Jan 201717:00	–	cve
Cvelist	CVE-2016-2087	18 Jan 201717:00	–	cvelist
Debian	[SECURITY] [DLA ] xchat security update	10 Aug 201717:04	–	debian
Debian	[SECURITY] [DLA ] xchat security update	10 Aug 201717:04	–	debian
Debian CVE	CVE-2016-2087	18 Jan 201717:00	–	debiancve
Exploit DB	Hexchat IRC Client 2.11.0 - Directory Traversal	4 Apr 201600:00	–	exploitdb
exploitpack	Hexchat IRC Client 2.11.0 - Directory Traversal	4 Apr 201600:00	–	exploitpack
NVD	CVE-2016-2087	18 Jan 201717:59	–	nvd

OS	OS Version	Architecture	Package	Package Version	Filename
SUSE Linux Enterprise Server	12.5	any	hexchat	2.12.0-6.5.146	hexchat-2.12.0-6.5.146.noarch.rpm
SUSE Linux Enterprise Server for SAP applications	12.5	any	hexchat	2.12.0-6.5.146	hexchat-2.12.0-6.5.146.noarch.rpm
SUSE Linux Enterprise Server	12.5	any	hexchat-lang	2.12.0-6.5.146	hexchat-lang-2.12.0-6.5.146.noarch.rpm
SUSE Linux Enterprise Server for SAP applications	12.5	any	hexchat-lang	2.12.0-6.5.146	hexchat-lang-2.12.0-6.5.146.noarch.rpm

Source	Link
suse	www.suse.com/security/cve/CVE-2016-2087
suse	www.suse.com/support/security/rating/
bugzilla	www.bugzilla.suse.com/1020739
lists	www.lists.suse.com/pipermail/sle-security-updates/2020-October/007528.html

14 May 2026 03:21Current

7High risk

Vulners AI Score7

CVSS 37.4

EPSS0.13018

SUSE HexChat directory traversal server name dot dot arbitrary files