Debian Tintin vulnerabilities
4 known vulnerabilities affecting debian/tintin.
Total CVEs
4
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
MEDIUM1LOW3
Vulnerabilities
Page 1 of 1
CVE-2008-0671P3MEDIUMCVSS 10.0PoCfixed in tintin++ 1.97.9-2 (bookworm)2008
CVE-2008-0671 [CRITICAL] CVE-2008-0671: tintin++ - Stack-based buffer overflow in the add_line_buffer function in TinTin++ 1.97.9 a...
Stack-based buffer overflow in the add_line_buffer function in TinTin++ 1.97.9 and WinTin++ 1.97.9 allows remote attackers to execute arbitrary code via a long chat message, related to conversion from LF to CRLF.
Scope: local
bookworm: resolved (fixed in 1.97.9-2)
bullseye: resolved (fixed in 1.97.9-2)
forky: resolved (fixed in 1.97.9-2)
sid: resolved (fixed in 1
debian
CVE-2019-7629P2LOWCVSS 9.8fixed in tintin++ 2.01.5-2 (bookworm)2019
CVE-2019-7629 [CRITICAL] CVE-2019-7629: tintin++ - Stack-based buffer overflow in the strip_vt102_codes function in TinTin++ 2.01.6...
Stack-based buffer overflow in the strip_vt102_codes function in TinTin++ 2.01.6 and WinTin++ 2.01.6 allows remote attackers to execute arbitrary code by sending a long message to the client.
Scope: local
bookworm: resolved (fixed in 2.01.5-2)
bullseye: resolved (fixed in 2.01.5-2)
forky: resolved (fixed in 2.01.5-2)
sid: resolved (fixed in 2.01.5-2)
trixie: reso
debian
CVE-2008-0673P3LOWCVSS 7.5fixed in tintin++ 1.97.9-2 (bookworm)2008
CVE-2008-0673 [HIGH] CVE-2008-0673: tintin++ - TinTin++ 1.97.9 and WinTin++ 1.97.9 open files on the basis of an inbound file-t...
TinTin++ 1.97.9 and WinTin++ 1.97.9 open files on the basis of an inbound file-transfer request, before the user has an opportunity to decline the request, which allows remote attackers to truncate arbitrary files in the top level of a home directory.
Scope: local
bookworm: resolved (fixed in 1.97.9-2)
bullseye: resolved (fixed in 1.97.9-2)
forky: resolved (fixed in
debian
CVE-2008-0672P4LOWCVSS 5.0fixed in tintin++ 1.97.9-2 (bookworm)2008
CVE-2008-0672 [MEDIUM] CVE-2008-0672: tintin++ - The process_chat_input function in TinTin++ 1.97.9 and WinTin++ 1.97.9 allows re...
The process_chat_input function in TinTin++ 1.97.9 and WinTin++ 1.97.9 allows remote attackers to cause a denial of service (application crash) via a YES message without a newline character, which triggers a NULL dereference.
Scope: local
bookworm: resolved (fixed in 1.97.9-2)
bullseye: resolved (fixed in 1.97.9-2)
forky: resolved (fixed in 1.97.9-2)
sid: resolved
debian