Vulnerabilities > CVE-2018-17231 - Reachable Assertion vulnerability in Telegram Desktop 1.3.14

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

HIGH

network

low complexity

CWE-617

NVD

Published: 2018-09-19

Updated: 2024-08-05

Summary

Telegram Desktop (aka tdesktop) 1.3.14 might allow attackers to cause a denial of service (assertion failure and application exit) via an "Edit color palette" search that triggers an "index out of range" condition. NOTE: this issue is disputed by multiple third parties because the described attack scenario does not cross a privilege boundary

Vulnerable Configurations

Part	Description	Count
Application	Telegram Telegram Telegram Desktop 1.3.14	1

Common Weakness Enumeration (CWE)

CWE-617 - Reachable Assertion

References

https://www.openwall.com/lists/oss-security/2018/09/19/8