CVE-2011-5129
published 2012-08-30
CVE-2011-5129: Heap-based buffer overflow in XChat 2.8.9 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a…
Priority P337 · medium · 5 · CVSS 2.0
AV:N/AC:L/Au:N/C:N/I:N/A:P
EXPLOIT
EPSS: 7.70% (93.8th percentile)
Heap-based buffer overflow in XChat 2.8.9 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long response string.
Affected
51 ranges · showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| xchat | xchat | <= 2.8.9 | — |
| xchat | xchat | — | — |
CVSS provenance
nvd · v2.0 · 5.0 · MEDIUM · AV:N/AC:L/Au:N/C:N/I:N/A:P
osv · 5.0 · MEDIUM
vendor_redhat · 5.0 · MEDIUM
GHSA
GHSA-q42x-qq8c-c587: Heap-based buffer overflow in XChat 2
ghsa_unreviewed · 2022-05-17
CVE-2011-5129 [MEDIUM] CWE-119 GHSA-q42x-qq8c-c587: Heap-based buffer overflow in XChat 2
OSV
CVE-2011-5129: Heap-based buffer overflow in XChat 2
osv · 2012-08-30 · CVSS 5.0
CVE-2011-5129 [MEDIUM] CVE-2011-5129: Heap-based buffer overflow in XChat 2
Red Hat
xchat: Heap-based buffer overflow (crash, ACE) via long response string
vendor_redhat · 2012-08-31 · CVSS 5.0
CVE-2011-5129 [MEDIUM] CWE-122 xchat: Heap-based buffer overflow (crash, ACE) via long response string
Statement: This bug is not a security issue. For detailed explanation, refer to:
https://bugzilla.redhat.com/show_bug.cgi?id=853321#c4
Package: xchat (Red Hat Enterprise Linux 5) - Not affected
Package: xchat (Red Hat Enterprise Linux 6) - Not affected
No detection rules found.
http://packetstormsecurity.org/files/107312/xchat-dos.txt
http://www.exploit-db.com/exploits/18159
http://www.osvdb.org/77629
http://www.securityfocus.com/bid/50820
http://www.securitytracker.com/id?1027468
Published: 2012-08-30