CVE-2016-7044 (retired)

Priority
Description
The unformat_24bit_color function in the format parsing code in Irssi
before 0.8.20, when compiled with true-color enabled, allows remote
attackers to cause a denial of service (heap corruption and crash) via an
incomplete 24bit color code.
Ubuntu-Description
Gabriel Campana and Adrien Guinet discovered that the format parsing
code in Irssi did not properly verify 24bit color codes. A remote
attacker could use this to cause a denial of service (application
crash).
Notes
 sbeattie> introduced in 0.17
Package
Source: irssi (LP Ubuntu Debian)
Upstream:released (0.8.20)
Ubuntu 16.04 LTS (Xenial Xerus):released (0.8.19-1ubuntu1.2)
Patches:
Upstream:https://github.com/irssi/irssi/commit/295a4b77f07f14602eeaa371f00ddbf09910c82b
More Information

Updated: 2019-09-19 15:59:07 UTC (commit d32ebc32606b9517c6fa7d65a15441e2a57a6de5)