Date: Wed, 07 Jun 2017 10:18:31 +0200 From: Ailin Nemui <ailin.nemui@...il.com> To: oss-security@...ts.openwall.com Subject: Re: CVE-2017-9468, CVE-2017-9469: Irssi Security Advisory 2017/06 On Tue, 2017-06-06 at 23:31 +0200, Ailin Nemui wrote: > (a) When receiving a DCC message without source nick/host, Irssi would > attempt to dereference a NULL pointer. Found by Joseph > Bisch. (CWE-690) CVE-2017-9468  was assigned to this bug > (b) When receiving certain incorrectly quoted DCC files, Irssi would > try to find the terminating quote one byte before the allocated > memory. Found by Joseph Bisch. (CWE-129, CWE-127) CVE-2017-9469  was assigned to this bug  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9468  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9469
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.