Irssi

Irssi

41 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.3

CVE-2010-1156

  • EPSS 3.32%
  • Published 16.04.2010 19:30:00
  • Last modified 11.04.2025 00:51:21

core/nicklist.c in Irssi before 0.8.15 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via vectors related to an attempted fuzzy nick match at the instant that a victim leaves a channel.

6.8

CVE-2010-1155

  • EPSS 0.79%
  • Published 16.04.2010 19:30:00
  • Last modified 11.04.2025 00:51:21

Irssi before 0.8.15, when SSL is used, does not verify that the server hostname matches a domain name in the subject's Common Name (CN) field or a Subject Alternative Name field of the X.509 certificate, which allows man-in-the-middle attackers to sp...

5

CVE-2009-1959

Exploit
  • EPSS 6.92%
  • Published 08.06.2009 01:00:00
  • Last modified 09.04.2025 00:30:58

Off-by-one error in the event_wallops function in fe-common/irc/fe-events.c in irssi 0.8.13 allows remote IRC servers to cause a denial of service (crash) via an empty command, which triggers a one-byte buffer under-read and a one-byte buffer underfl...

6.8

CVE-2007-4399

Exploit
  • EPSS 1.03%
  • Published 18.08.2007 21:17:00
  • Last modified 09.04.2025 00:30:58

CRLF injection vulnerability in the xmms.bx 1.0 script for BitchX allows user-assisted remote attackers to execute arbitrary IRC commands via CRLF sequences in the name of the song in a .mp3 file.

6.8

CVE-2007-4398

  • EPSS 1.55%
  • Published 18.08.2007 21:17:00
  • Last modified 09.04.2025 00:30:58

Multiple CRLF injection vulnerabilities in the (1) now-playing.rb and (2) xmms.pl 1.1 scripts for WeeChat allow user-assisted remote attackers to execute arbitrary IRC commands via CRLF sequences in the name of the song in a .mp3 file.

6.8

CVE-2007-4397

Exploit
  • EPSS 3.84%
  • Published 18.08.2007 21:17:00
  • Last modified 09.04.2025 00:30:58

Multiple CRLF injection vulnerabilities in (1) xmms-thing 1.0, (2) XMMS Remote Control Script 1.07, (3) Disrok 1.0, (4) a2x 0.0.1, (5) Another xmms-info script 1.0, (6) XChat-XMMS 0.8.1, and other unspecified scripts for XChat allow user-assisted rem...

9.3

CVE-2007-4396

  • EPSS 1.65%
  • Published 18.08.2007 21:17:00
  • Last modified 09.04.2025 00:30:58

Multiple CRLF injection vulnerabilities in (1) ixmmsa.pl 0.3, (2) l33tmusic.pl 2.00, (3) mpg123.pl 0.01, (4) ogg123.pl 0.01, (5) xmms.pl 2.0, (6) xmms2.pl 1.1.3, and (7) xmmsinfo.pl 1.1.1.1 scripts for irssi before 0.8.11 allow user-assisted remote a...

5

CVE-2006-0458

  • EPSS 0.93%
  • Published 06.03.2006 23:02:00
  • Last modified 03.04.2025 01:03:51

The DCC ACCEPT command handler in irssi before 0.8.9+0.8.10rc5-0ubuntu4.1 in Ubuntu Linux, and possibly other distributions, allows remote attackers to cause a denial of service (application crash) via certain crafted arguments in a DCC command.

5

CVE-2003-1020

  • EPSS 0.54%
  • Published 05.01.2004 05:00:00
  • Last modified 03.04.2025 01:03:51

The format_send_to_gui function in formats.c for irssi before 0.8.9 allows remote IRC users to cause a denial of service (crash).

10

CVE-2002-1840

  • EPSS 1.63%
  • Published 31.12.2002 05:00:00
  • Last modified 03.04.2025 01:03:51

irssi IRC client 0.8.4, when downloaded after 14-March-2002, could contain a backdoor in the configuration file, which allows remote attackers to access the system.