oss-sec mailing list archives

CVE request: hexchat buffer overflow

From: Henri Salo <henri () nerv fi>
Date: Tue, 25 Feb 2014 00:56:42 +0200

Can I get 2013 CVE for buffer overflow issue in hexchat, thanks.

Bug report: https://github.com/hexchat/hexchat/issues/463
Fixed in commit: https://github.com/hexchat/hexchat/commit/8996baa35ee12556a7bf402e3568193dbafec5f1
Exploit: http://packetstorm.igor.onlinedirect.bg/1304-exploits/hexchat-overflow.txt
More information: http://osvdb.org/92115

hexchat was recently accepted to Debian unstable:
http://packages.qa.debian.org/h/hexchat.html

I haven't verified this vulnerability or exploit.

---
Henri Salo

Attachment: signature.asc
Description: Digital signature

Current thread:

CVE request: hexchat buffer overflow Henri Salo (Feb 24)
- Re: CVE request: hexchat buffer overflow cve-assign (Feb 25)