CVE-2010-1156Irssi vulnerability

7 documents6 sources
Severity
4.3MEDIUMNVD
EPSS
3.3%
top 12.71%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
IrssiDebian Irssi
Timeline
PublishedApr 16
Latest updateMay 2

Description

core/nicklist.c in Irssi before 0.8.15 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via vectors related to an attempted fuzzy nick match at the instant that a victim leaves a channel.

CVSS vector

AV:N/AC:M/C:N/I:N/A:PExploitability: 8.6 | Impact: 2.9

Affected Packages3 packages

debiandebian/irssi< irssi 0.8.15-1 (bookworm)
Debianirssi/irssi< 0.8.15-1+3
NVDirssi/irssi0.8.15+15

Patches

Patch: www.vupen.comPatch: www.vupen.com

🔴Vulnerability Details

2
GHSA
GHSA-xw2v-vp7m-x4qc: core/nicklist2022-05-02
OSV
CVE-2010-1156: core/nicklist2010-04-16

📋Vendor Advisories

3
Ubuntu
irssi regression2010-04-20
Ubuntu
irssi vulnerabilities2010-04-15
Debian
CVE-2010-1156: irssi - core/nicklist.c in Irssi before 0.8.15 allows remote attackers to cause a denial...2010

💬Community

1
Bugzilla
CVE-2010-1155 CVE-2010-1156 irssi 0.8.15 fixes two security issues2010-04-12
CVE-2010-1156 — Debian Irssi vulnerability | cvebase