CVE-2018-5207

Published: 6 January 2018

When using an incomplete variable argument, Irssi before 1.0.6 may access data beyond the end of the string.

Priority

Medium

CVSS 3 base score: 7.5

Status

Notes

GL#18, GL!28

References

• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5207
• https://irssi.org/security/irssi_sa_2018_01.txt
• https://github.com/irssi/irssi/releases/download/1.0.6/irssi-1.0.5_1.0.6.diff
• https://ubuntu.com/security/notices/USN-3527-1
• NVD
• Launchpad
• Debian

Bugs

• http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=886475