CVE-2012-5854

Related Files

Gentoo Linux Security Advisory 201405-03

Posted May 5, 2014

Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201405-3 - Two vulnerabilities have been found in WeeChat, the worst of which may allow execution of arbitrary code. Versions less than 0.3.9.2 are affected.

tags | advisory, arbitrary, vulnerability

systems | linux, gentoo

advisories | CVE-2012-5534, CVE-2012-5854

SHA-256 | 234a8401e1342ba2fca266d29b5f2e44dac59feca4adaab5bfc0792b304fcdd9

Download | Favorite | View

Mandriva Linux Security Advisory 2013-136

Posted Apr 12, 2013

Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2013-136 - A buffer overflow is causing a crash or freeze of WeeChat (0.36 to 0.39) when decoding IRC colors in strings. The packages have been patched to fix this problem. Untrusted command for function hook_process in WeeChat before 0.3.9.2 could lead to execution of commands, because of shell expansions (so the problem is only caused by some scripts, not by WeeChat itself).

tags | advisory, overflow, shell

systems | linux, mandriva

advisories | CVE-2012-5854, CVE-2012-5534

SHA-256 | c9195b3910f07ceccfadb0fdbba608fed8688c11391191f1397e836c44551d20

Download | Favorite | View