Vulnerabilities
Misconfiguration
Runtime Security
Compliance
CVE Vulnerabilities

CVE-2015-2778

Published: Apr 10, 2015 | Modified: Dec 03, 2016
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
5 MEDIUM
AV:N/AC:L/Au:N/C:N/I:N/A:P
RedHat/V2
RedHat/V3
Ubuntu
MEDIUM
Additional information
NVDhttps://nvd.nist.gov/vuln/detail/CVE-2015-2778
CWEhttps://cwe.mitre.org/data/definitions/399.html

Quassel before 0.12-rc1 uses an incorrect data-type size when splitting a message, which allows remote attackers to cause a denial of service (crash) via a long CTCP query containing only multibyte characters.

Affected Software

Name Vendor Start Version End Version
Quassel Quassel-irc * 0.11.0 (including)
Quassel Ubuntu devel *
Quassel Ubuntu lucid *
Quassel Ubuntu precise *
Quassel Ubuntu trusty *
Quassel Ubuntu upstream *
Quassel Ubuntu utopic *
Quassel Ubuntu vivid *
Quassel Ubuntu wily *
Quassel Ubuntu xenial *
Quassel Ubuntu yakkety *
Quassel Ubuntu zesty *

References

Aqua Security is the largest pure-play cloud native security company, providing customers the freedom to innovate and run their businesses with minimal friction. The Aqua Cloud Native Security Platform provides prevention, detection, and response automation across the entire application lifecycle to secure the build, secure cloud infrastructure and secure running workloads wherever they are deployed.
Copyright © 2024 Aqua Security Software Ltd.   Privacy Policy | Terms of Use