vulnerability
FreeBSD: VID-85e2c7eb-b74b-11e7-8546-5cf3fcfdd1f1 (CVE-2017-15228): irssi -- multiple vulnerabilities
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 5 | (AV:N/AC:L/Au:N/C:N/I:N/A:P) | Oct 22, 2017 | Dec 10, 2025 | Dec 10, 2025 |
Severity
5
CVSS
(AV:N/AC:L/Au:N/C:N/I:N/A:P)
Published
Oct 22, 2017
Added
Dec 10, 2025
Modified
Dec 10, 2025
Description
Irssi reports: When installing themes with unterminated colour formatting sequences, Irssi may access data beyond the end of the string. While waiting for the channel synchronisation, Irssi may incorrectly fail to remove destroyed channels from the query list, resulting in use after free conditions when updating the state later on. Certain incorrectly formatted DCC CTCP messages could cause NULL pointer dereference. Overlong nicks or targets may result in a NULL pointer dereference while splitting the message. In certain cases Irssi may fail to verify that a Safe channel ID is long enough, causing reads beyond the end of the string.
Solution
freebsd-upgrade-package-irssi
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.