Vulnerabilities > Irssi > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2016-09-27 | CVE-2016-7044 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products The unformat_24bit_color function in the format parsing code in Irssi before 0.8.20, when compiled with true-color enabled, allows remote attackers to cause a denial of service (heap corruption and crash) via an incomplete 24bit color code. | 5.0 |
| 2010-04-16 | CVE-2010-1156 | Unspecified vulnerability in Irssi core/nicklist.c in Irssi before 0.8.15 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via vectors related to an attempted fuzzy nick match at the instant that a victim leaves a channel. network irssi | 4.3 |
| 2010-04-16 | CVE-2010-1155 | Improper Input Validation vulnerability in Irssi Irssi before 0.8.15, when SSL is used, does not verify that the server hostname matches a domain name in the subject's Common Name (CN) field or a Subject Alternative Name field of the X.509 certificate, which allows man-in-the-middle attackers to spoof IRC servers via an arbitrary certificate. | 6.8 |
| 2009-06-08 | CVE-2009-1959 | Numeric Errors vulnerability in Irssi 0.8.13 Off-by-one error in the event_wallops function in fe-common/irc/fe-events.c in irssi 0.8.13 allows remote IRC servers to cause a denial of service (crash) via an empty command, which triggers a one-byte buffer under-read and a one-byte buffer underflow. | 5.0 |
| 2007-08-18 | CVE-2007-4399 | Unspecified vulnerability in Irssi 0.8.10Rc5 CRLF injection vulnerability in the xmms.bx 1.0 script for BitchX allows user-assisted remote attackers to execute arbitrary IRC commands via CRLF sequences in the name of the song in a .mp3 file. network irssi | 6.8 |
| 2007-08-18 | CVE-2007-4397 | Multiple CRLF injection vulnerabilities in (1) xmms-thing 1.0, (2) XMMS Remote Control Script 1.07, (3) Disrok 1.0, (4) a2x 0.0.1, (5) Another xmms-info script 1.0, (6) XChat-XMMS 0.8.1, and other unspecified scripts for XChat allow user-assisted remote attackers to execute arbitrary IRC commands via CRLF sequences in the name of the song in a .mp3 file. | 6.8 |
| 2006-03-06 | CVE-2006-0458 | Denial of Service vulnerability in Irssi 0.8.10Rc5/0.8.9 The DCC ACCEPT command handler in irssi before 0.8.9+0.8.10rc5-0ubuntu4.1 in Ubuntu Linux, and possibly other distributions, allows remote attackers to cause a denial of service (application crash) via certain crafted arguments in a DCC command. | 5.0 |
| 2004-01-05 | CVE-2003-1020 | Denial-Of-Service vulnerability in irssi The format_send_to_gui function in formats.c for irssi before 0.8.9 allows remote IRC users to cause a denial of service (crash). | 5.0 |
| 2002-09-24 | CVE-2002-0983 | Denial Of Service vulnerability in Irssi 0.8.4 IRC client irssi in irssi-text before 0.8.4 allows remote attackers to cause a denial of service (crash) via an IRC channel that has a long topic followed by a certain string, possibly triggering a buffer overflow. | 5.0 |