CVE-2013-7049Improper Restriction of Operations within the Bounds of a Memory Buffer in Znc-msvc

CWE-119Improper Restriction of Operations within the Bounds of a Memory Buffer2 documents2 sources
Severity
4.3MEDIUMNVD
EPSS
1.1%
top 22.26%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
ZNC Znc-msvc
Timeline
PublishedDec 23
Latest updateMay 17

Description

Stack-based buffer overflow in fish.cpp in the Fish plugin for ZNC, as used in ZNC for Windows (znc-msvc) 0.206 and earlier, allows remote attackers to cause a denial of service (crash) via a long string in a DH1080_INIT message.

CVSS vector

AV:N/AC:M/C:N/I:N/A:PExploitability: 8.6 | Impact: 2.9

Affected Packages1 packages

NVDznc/znc-msvc0.206+13

🔴Vulnerability Details

1
GHSA
GHSA-rj4x-5f2j-h52p: Stack-based buffer overflow in fish2022-05-17