6.5
CVE-2006-6811
- EPSS 9.99%
- Veröffentlicht 29.12.2006 11:28:00
- Zuletzt bearbeitet 16.06.2026 22:33:51
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
KsIRC 1.3.12 allows remote attackers to cause a denial of service (crash) via a long PRIVMSG string when connecting to an Internet Relay Chat (IRC) server, which causes an assertion failure and results in a NULL pointer dereference. NOTE: this issue was originally reported as a buffer overflow.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Canonical ≫ Ubuntu Linux Version5.10
Canonical ≫ Ubuntu Linux Version6.06
Canonical ≫ Ubuntu Linux Version6.10
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 9.99% | 0.95 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 6.5 | 2.8 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
|
| nvd@nist.gov | 4.3 | 8.6 | 2.9 |
AV:N/AC:M/Au:N/C:N/I:N/A:P
|
CWE-617 Reachable Assertion
The product contains an assert() or similar statement that can be triggered by an attacker, which leads to an application exit or other behavior that is more severe than necessary.
http://osvdb.org/33443
http://security.gentoo.org/glsa/glsa-200701-26.xml
http://securitytracker.com/id?1017453
http://www.addict3d.org/index.php?page=viewarticle&trace=0&type=security&ID=8468
http://www.kde.org/info/security/advisory-20070109-1.txt
http://www.mandriva.com/security/advisories?name=MDKSA-2007:009
http://www.securityfocus.com/archive/1/456379/100/0/threaded
http://www.securityfocus.com/bid/21790
http://www.ubuntu.com/usn/usn-409-1
http://www.vupen.com/english/advisories/2006/5199
https://exchange.xforce.ibmcloud.com/vulnerabilities/31134
https://issues.rpath.com/browse/RPL-922
https://www.exploit-db.com/exploits/3023