cbcvebase.
CVE-2019-7629
published 2019-02-18

CVE-2019-7629: Stack-based buffer overflow in the strip_vt102_codes function in TinTin++ 2.01.6 and WinTin++ 2.01.6 allows remote attackers to execute arbitrary code by…

PriorityP260critical9.8CVSS 3.0
AVNACLPRNUINSUCHIHAH
EPSS
5.38%
91.6th percentile
Stack-based buffer overflow in the strip_vt102_codes function in TinTin++ 2.01.6 and WinTin++ 2.01.6 allows remote attackers to execute arbitrary code by sending a long message to the client.

Affected

3 ranges
VendorProductVersion rangeFixed in
debiantintin< tintin++ 2.01.5-2 (bookworm)tintin++ 2.01.5-2 (bookworm)
tintin_+_+_projecttintin
tintin_+_+_projectwintin

Detection & IOCsextracted from sources · hover to see the quote

versionTinTin++ 2.01.6
versionWinTin++ 2.01.6
  • Detect exploitation attempts by monitoring for abnormally long messages sent to TinTin++/WinTin++ clients, targeting the strip_vt102_codes function which processes VT102 terminal escape codes.
  • Flag processes running TinTin++ or WinTin++ version 2.01.6; the vulnerable function is strip_vt102_codes and exploitation is triggered remotely via a long message to the client.
  • ·The Debian security tracker lists the scope as 'local', which may indicate exploitation requires local network access or a local MUD server context, despite the NVD description stating 'remote attackers'.
  • ·Fixed version in Debian packages is 2.01.5-2 (a patched downstream package), while upstream fix is in version 2.01.7. Ensure version checks account for both upstream and downstream versioning schemes.

CVSS provenance

nvdv3.09.8CRITICALCVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvdv2.07.5HIGHAV:N/AC:L/Au:N/C:P/I:P/A:P
osv9.8CRITICAL
vendor_debian9.8LOW
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.