Your submission was sent successfully! Close

CVE-2015-2778

Published: 10 April 2015

Quassel before 0.12-rc1 uses an incorrect data-type size when splitting a message, which allows remote attackers to cause a denial of service (crash) via a long CTCP query containing only multibyte characters.

Priority

Medium

Status

Package Release Status
quassel
Launchpad, Ubuntu, Debian
artful
Released (0.12.2-0ubuntu0.1)
lucid Ignored
(reached end-of-life)
precise Does not exist
(precise was needed)
trusty Does not exist
(trusty was released [0.10.0-0ubuntu2.2])
upstream
Released (1:0.10.0-2.3)
utopic
Released (0.10.1-0ubuntu1.2)
vivid Does not exist

wily
Released (0.12.2-0ubuntu0.1)
xenial
Released (0.12.2-0ubuntu0.1)
yakkety
Released (0.12.2-0ubuntu0.1)
zesty
Released (0.12.2-0ubuntu0.1)