VDB
CVE-2009-1959
CVE-2009-1959
PUBLISHED
CVSS 8.699999809265137 HIGH
Off-by-one error in the event_wallops function in fe-common/irc/fe-events.c in irssi 0.8.13 allows remote IRC servers to cause a denial of service (crash) via an empty command, which triggers a one-byte buffer under-read and a one-byte buffer underflow.
EPSS 6.47% · 91.3th percentile
Risk Scores
CVSS 4.0
8.699999809265137
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
EPSS Score
6.47%
91.3th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| n/a | n/a | n/a |
| irssi | irssi | 0.8.13 |
Timeline
- May 15, 2009 PoC Published
- Jun 6, 2009 CVE Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- Jul 12, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
- Oct 26, 2022 EPSS Score
- Feb 9, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- Apr 3, 2023 EPSS Score
- May 25, 2023 EPSS Score
- Jun 9, 2023 EPSS Score
References
- http://xorl.wordpress.com/2009/05/28/irssi-event_wallops-off-by-one-readwrite/ url
- 1022410 vdb
- [oss-security] 20090529 CVE Request (irssi) mailing-list
- 35399 vdb
- http://www.irssi.org/ChangeLog url
- FEDORA-2009-7012 vendor-advisory
- http://bugs.irssi.org/index.php?do=details&task_id=662 url
- 35685 third-party-advisory
- ADV-2009-1596 vdb
- SUSE-SR:2009:012 vendor-advisory
- USN-800-1 vendor-advisory
- 35812 third-party-advisory
- MDVSA-2009:133 vendor-advisory
- irssi-eventwallops-dos(51184) vdb
- 36152 third-party-advisory
- https://nvd.nist.gov/vuln/detail/CVE-2009-1959 advisory
- http://xorl.wordpress.com/2009/05/28/irssi-event_wallops-off-by-one-readwrite url