Irssi 1.0.4

CPE Details

Irssi 1.0.4
irssi
irssi
1.0.4
2018-02-21
18h40 +00:00
2018-02-21
18h40 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:irssi:irssi:1.0.4:*:*:*:*:*:*:*

Informations

Vendor

irssi

Product

irssi

Version

1.0.4

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2019-13045 2019-06-29 11h58 +00:00 Irssi before 1.0.8, 1.1.x before 1.1.3, and 1.2.x before 1.2.1, when SASL is enabled, has a use after free when sending SASL login to the server.
8.1
High
CVE-2018-7050 2018-02-15 19h00 +00:00 An issue was discovered in Irssi before 1.0.7 and 1.1.x before 1.1.1. A NULL pointer dereference occurs for an "empty" nick.
7.5
High
CVE-2018-7051 2018-02-15 19h00 +00:00 An issue was discovered in Irssi before 1.0.7 and 1.1.x before 1.1.1. Certain nick names could result in out-of-bounds access when printing theme strings.
7.5
High
CVE-2018-7052 2018-02-15 19h00 +00:00 An issue was discovered in Irssi before 1.0.7 and 1.1.x before 1.1.1. When the number of windows exceeds the available space, a crash due to a NULL pointer dereference would occur.
7.5
High
CVE-2018-7053 2018-02-15 19h00 +00:00 An issue was discovered in Irssi before 1.0.7 and 1.1.x before 1.1.1. There is a use-after-free when SASL messages are received in an unexpected order.
9.8
Critical
CVE-2018-7054 2018-02-15 19h00 +00:00 An issue was discovered in Irssi before 1.0.7 and 1.1.x before 1.1.1. There is a use-after-free when a server is disconnected during netsplits. NOTE: this issue exists because of an incomplete fix for CVE-2017-7191.
9.8
Critical
CVE-2018-5205 2018-01-06 15h00 +00:00 When using incomplete escape codes, Irssi before 1.0.6 may access data beyond the end of the string.
7.5
High
CVE-2018-5206 2018-01-06 15h00 +00:00 When the channel topic is set without specifying a sender, Irssi before 1.0.6 may dereference a NULL pointer.
9.8
Critical
CVE-2018-5207 2018-01-06 15h00 +00:00 When using an incomplete variable argument, Irssi before 1.0.6 may access data beyond the end of the string.
7.5
High
CVE-2018-5208 2018-01-06 15h00 +00:00 In Irssi before 1.0.6, a calculation error in the completion code could cause a heap buffer overflow when completing certain strings.
9.8
Critical
CVE-2017-15227 2017-10-22 15h00 +00:00 Irssi before 1.0.5, while waiting for the channel synchronisation, may incorrectly fail to remove destroyed channels from the query list, resulting in use-after-free conditions when updating the state later on.
7.5
High
CVE-2017-15228 2017-10-22 15h00 +00:00 Irssi before 1.0.5, when installing themes with unterminated colour formatting sequences, may access data beyond the end of the string.
7.5
High
CVE-2017-15721 2017-10-22 15h00 +00:00 In Irssi before 1.0.5, certain incorrectly formatted DCC CTCP messages could cause a NULL pointer dereference. This is a separate, but similar, issue relative to CVE-2017-9468.
7.5
High
CVE-2017-15722 2017-10-22 15h00 +00:00 In certain cases, Irssi before 1.0.5 may fail to verify that a Safe channel ID is long enough, causing reads beyond the end of the string.
5.9
Medium
CVE-2017-15723 2017-10-22 15h00 +00:00 In Irssi before 1.0.5, overlong nicks or targets may result in a NULL pointer dereference while splitting the message.
7.5
High