Date: Wed, 07 Jun 2017 10:18:31 +0200 From: Ailin Nemui <ailin.nemui@...il.com> To: oss-security@...ts.openwall.com Subject: Re: CVE-2017-9468, CVE-2017-9469: Irssi Security Advisory 2017/06 On Tue, 2017-06-06 at 23:31 +0200, Ailin Nemui wrote: > (a) When receiving a DCC message without source nick/host, Irssi would > attempt to dereference a NULL pointer. Found by Joseph > Bisch. (CWE-690) CVE-2017-9468  was assigned to this bug > (b) When receiving certain incorrectly quoted DCC files, Irssi would > try to find the terminating quote one byte before the allocated > memory. Found by Joseph Bisch. (CWE-129, CWE-127) CVE-2017-9469  was assigned to this bug  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9468  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9469
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ