The blowfishECB function in core/cipher.cpp in Quassel IRC 0.10.0 allows remote attackers to cause a denial of service (out-of-bounds read) via a malformed string.
References
| Link | Resource |
|---|---|
| http://bugs.quassel-irc.org/issues/1314 | Issue Tracking Vendor Advisory |
| http://lists.opensuse.org/opensuse-updates/2014-11/msg00028.html | Third Party Advisory |
| http://lists.opensuse.org/opensuse-updates/2014-11/msg00046.html | Third Party Advisory |
| http://lists.opensuse.org/opensuse-updates/2015-03/msg00068.html | Third Party Advisory |
| http://secunia.com/advisories/61932 | Permissions Required Third Party Advisory |
| http://secunia.com/advisories/62035 | Permissions Required Third Party Advisory |
| http://secunia.com/advisories/62261 | Permissions Required Third Party Advisory |
| http://www.debian.org/security/2014/dsa-3063 | Third Party Advisory |
| http://www.debian.org/security/2014/dsa-3068 | Third Party Advisory |
| http://www.ubuntu.com/usn/USN-2401-1 | Third Party Advisory |
| https://github.com/quassel/quassel/commit/8b5ecd226f9208af3074b33d3b7cf5e14f55b138 | Patch Issue Tracking |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2014-11-06T15:00:00
Updated: 2015-03-25T12:57:00
Reserved: 2014-10-24T00:00:00
Link: CVE-2014-8483
JSON object: View
NVD Information
Status : Analyzed
Published: 2014-11-06T15:55:09.523
Modified: 2018-10-30T16:27:35.843
Link: CVE-2014-8483
JSON object: View
Redhat Information
No data.
CWE