Date: Mon, 24 Apr 2017 18:05:14 +0000 From: bugzilla-noreply@freebsd.org To: freebsd-ports-bugs@FreeBSD.org Subject: [Bug 218852] security/vuxml: weechat CVE-2017-8073 Message-ID: <bug-218852-13@https.bugs.freebsd.org/bugzilla/>
next in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D218852 Bug ID: 218852 Summary: security/vuxml: weechat CVE-2017-8073 Product: Ports & Packages Version: Latest Hardware: Any OS: Any Status: New Severity: Affects Many People Priority: --- Component: Individual Port(s) Assignee: ports-secteam@FreeBSD.org Reporter: joneum@bsdproject.de Assignee: ports-secteam@FreeBSD.org Flags: maintainer-feedback?(ports-secteam@FreeBSD.org) Created attachment 182051 --> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=3D182051&action= =3Dedit weechat vuxml WeeChat before 1.7.1 allows a remote crash by sending a filename via DCC to= the IRC plugin. This occurs in the irc_ctcp_dcc_filename_without_quotes function during quote removal, with a buffer overflow. https://cve.mitre.org/cgi-bin/cvename.cgi?name=3DCVE-2017-8073 --=20 You are receiving this mail because: You are the assignee for the bug.=
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-218852-13>