Your submission was sent successfully! Close

CVE-2017-7191

Published: 27 March 2017

The netjoin processing in Irssi 1.x before 1.0.2 allows attackers to cause a denial of service (use-after-free) and possibly execute arbitrary code via unspecified vectors.

Priority

Medium

CVSS 3 base score: 9.8

Status

Package Release Status
irssi
Launchpad, Ubuntu, Debian
Upstream
Released (1.0.2-1)
Ubuntu 16.04 ESM (Xenial Xerus) Not vulnerable
(0.8.19-1ubuntu1.3)
Ubuntu 14.04 ESM (Trusty Tahr) Does not exist
(trusty was not-affected [0.8.15-5ubuntu3.1])
Patches:
Upstream: https://github.com/irssi/irssi/commit/77b2631c78461965bc9a7414aae206b5c514e1b3