Computer Security
[EN] securityvulns.ru no-pyccku


silc format string vulnerability
Published:04.09.2009
Source:
SecurityVulns ID:10204
Type:library
Threat Level:
5/10
Description:Multiple format string vulnerabilities on different messages parsing.
Affected:SILC : silc 1.1
CVE:CVE-2009-3051 (Multiple format string vulnerabilities in lib/silcclient/client_entry.c in Secure Internet Live Conferencing (SILC) Toolkit before 1.1.10, and SILC Client before 1.1.8, allow remote attackers to execute arbitrary code via format string specifiers in a nickname field, related to the (1) silc_client_add_client, (2) silc_client_update_client, and (3) silc_client_nickname_format functions.)
Original documentdocumentDEBIAN, [SECURITY] [DSA 1879-1] New silc-client/silc-toolkit packages fix arbitrary code execution (04.09.2009)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod