Your submission was sent successfully! Close

CVE-2018-1000178

Published: 8 May 2018

A heap corruption of type CWE-120 exists in quassel version 0.12.4 in quasselcore in void DataStreamPeer::processMessage(const QByteArray &msg) datastreampeer.cpp line 62 that allows an attacker to execute code remotely.

Priority

Medium

CVSS 3 base score: 9.8

Status

Package Release Status
quassel
Launchpad, Ubuntu, Debian
artful Ignored
(reached end-of-life)
bionic
Released (1:0.12.4-3ubuntu1.18.04.3)
cosmic Ignored
(reached end-of-life)
disco Ignored
(reached end-of-life)
eoan Not vulnerable
(1:0.13.1-1ubuntu1.19.10.1)
focal Not vulnerable
(1:0.13.1-1ubuntu2)
groovy Not vulnerable
(1:0.13.1-1ubuntu2)
hirsute Not vulnerable
(1:0.13.1-1ubuntu2)
impish Not vulnerable
(1:0.13.1-1ubuntu2)
jammy Not vulnerable
(1:0.13.1-1ubuntu2)
precise Does not exist

trusty Does not exist
(trusty was released [0.10.0-0ubuntu2.3])
upstream
Released (1:0.12.5-1)
xenial Ignored
(end of standard support, was needed)