[Bug 218852] security/vuxml: weechat CVE-2017-8073

bugzilla-noreply at freebsd.org bugzilla-noreply at freebsd.org
Mon Apr 24 18:05:15 UTC 2017 

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=218852

            Bug ID: 218852
           Summary: security/vuxml: weechat CVE-2017-8073
           Product: Ports & Packages
           Version: Latest
          Hardware: Any
                OS: Any
            Status: New
          Severity: Affects Many People
          Priority: ---
         Component: Individual Port(s)
          Assignee: ports-secteam at FreeBSD.org
          Reporter: joneum at bsdproject.de
          Assignee: ports-secteam at FreeBSD.org
             Flags: maintainer-feedback?(ports-secteam at FreeBSD.org)

Created attachment 182051
  --> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=182051&action=edit
weechat vuxml

WeeChat before 1.7.1 allows a remote crash by sending a filename via DCC to the
IRC plugin. This occurs in the irc_ctcp_dcc_filename_without_quotes function
during quote removal, with a buffer overflow.

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8073

-- 
You are receiving this mail because:
You are the assignee for the bug.

More information about the freebsd-ports-bugs mailing list