Vulnerabilities > Tintin
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2008-02-12 | CVE-2008-0673 | Multiple Security vulnerability in TinTin++ and WinTin++ '#chat' Command TinTin++ 1.97.9 and WinTin++ 1.97.9 open files on the basis of an inbound file-transfer request, before the user has an opportunity to decline the request, which allows remote attackers to truncate arbitrary files in the top level of a home directory. | 7.5 |
2008-02-12 | CVE-2008-0672 | Improper Input Validation vulnerability in Tintin Tintin++ and Wintin++ The process_chat_input function in TinTin++ 1.97.9 and WinTin++ 1.97.9 allows remote attackers to cause a denial of service (application crash) via a YES message without a newline character, which triggers a NULL dereference. | 5.0 |
2008-02-12 | CVE-2008-0671 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Tintin Tintin++ and Wintin++ Stack-based buffer overflow in the add_line_buffer function in TinTin++ 1.97.9 and WinTin++ 1.97.9 allows remote attackers to execute arbitrary code via a long chat message, related to conversion from LF to CRLF. | 10.0 |