CVE-2009-1959

Publication date 8 June 2009

Last updated 24 July 2024

Off-by-one error in the event_wallops function in fe-common/irc/fe-events.c in irssi 0.8.13 allows remote IRC servers to cause a denial of service (crash) via an empty command, which triggers a one-byte buffer under-read and a one-byte buffer underflow.

Status

Show unmaintained releases

No maintained releases are affected by this CVE.

Package	Ubuntu Release	Status
irssi	9.04 jaunty	Fixed 0.8.12-6ubuntu1.1
	8.10 intrepid	Fixed 0.8.12-4ubuntu2.1
	8.04 LTS hardy	Fixed 0.8.12-3ubuntu3.1
	6.06 LTS dapper	Fixed 0.8.10-1ubuntu1.1

How can I get the fixes?
What do statuses mean?

References

MITRE
NVD
Launchpad
Debian

Related Ubuntu Security Notices (USN)

USN-800-1
irssi vulnerability
13 July 2009

Other references

http://xorl.wordpress.com/2009/05/28/irssi-event_wallops-off-by-one-readwrite/
https://www.cve.org/CVERecord?id=CVE-2009-1959