Vulnerability in Quassel-irc Quassel
CVE-2011-3354
The CtcpParser::packedReply method in core/ctcpparser.cpp in Quassel before 0.7.3 allows remote attackers to cause a denial of service (crash) via a crafted Client-To-Client Protocol (CTCP) request, as demonstrated in the wild in September…
EPSS: 0.021 (79.0th percentile) — read the EPSS interpretation.
Affected products
- Quassel-irc Quassel — versions 0.3.0, 0.3.1, 0.4.0
- N/a — versions n/a
Weakness classification (CWE)
References
- secalert@redhat.com (x_refsource_OSVDB, vdb-entry)
- secalert@redhat.com (x_refsource_SECUNIA, Vendor Advisory, third-party-advisory)
- secalert@redhat.com (x_refsource_UBUNTU, vendor-advisory)
- secalert@redhat.com (x_refsource_CONFIRM, Patch)
- secalert@redhat.com (vdb-entry, x_refsource_BID)
- secalert@redhat.com (x_refsource_CONFIRM)
- secalert@redhat.com (vdb-entry, x_refsource_XF)
- secalert@redhat.com (mailing-list, x_refsource_MLIST)
- secalert@redhat.com (mailing-list, x_refsource_MLIST)