Описание
logger.c in the logger plugin in WeeChat before 1.9.1 allows a crash via strftime date/time specifiers, because a buffer is not initialized.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| weechat | fixed | 1.9.1-1 | package | |
| weechat | fixed | 1.6-1+deb9u2 | stretch | package |
| weechat | fixed | 1.0.1-1+deb8u2 | jessie | package |
Примечания
Fixed by: https://github.com/weechat/weechat/commit/f105c6f0b56fb5687b2d2aedf37cb1d1b434d556
Связанные уязвимости
CVSS3: 7.5
ubuntu
больше 8 лет назад
logger.c in the logger plugin in WeeChat before 1.9.1 allows a crash via strftime date/time specifiers, because a buffer is not initialized.
CVSS3: 7.5
nvd
больше 8 лет назад
logger.c in the logger plugin in WeeChat before 1.9.1 allows a crash via strftime date/time specifiers, because a buffer is not initialized.
CVSS3: 7.5
github
больше 3 лет назад
logger.c in the logger plugin in WeeChat before 1.9.1 allows a crash via strftime date/time specifiers, because a buffer is not initialized.