Unrated severityNVD Advisory· Published Sep 10, 2009· Updated Apr 23, 2026

CVE-2009-3051

Description

Multiple format string vulnerabilities in lib/silcclient/client_entry.c in Secure Internet Live Conferencing (SILC) Toolkit before 1.1.10, and SILC Client before 1.1.8, allow remote attackers to execute arbitrary code via format string specifiers in a nickname field, related to the (1) silc_client_add_client, (2) silc_client_update_client, and (3) silc_client_nickname_format functions.

Affected products

Silcnet/Silc Client6 versions
cpe:2.3:a:silcnet:silc_client:*:*:*:*:*:*:*:*+ 5 more
- cpe:2.3:a:silcnet:silc_client:*:*:*:*:*:*:*:*range: <=1.1.7
- cpe:2.3:a:silcnet:silc_client:1.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:silcnet:silc_client:1.1.2:*:*:*:*:*:*:*
- cpe:2.3:a:silcnet:silc_client:1.1.3:*:*:*:*:*:*:*
- cpe:2.3:a:silcnet:silc_client:1.1.4:*:*:*:*:*:*:*
- cpe:2.3:a:silcnet:silc_client:1.1.6:*:*:*:*:*:*:*
Silcnet/Silc Toolkit9 versions
cpe:2.3:a:silcnet:silc_toolkit:*:*:*:*:*:*:*:*+ 8 more
- cpe:2.3:a:silcnet:silc_toolkit:*:*:*:*:*:*:*:*range: <=1.1.9
- cpe:2.3:a:silcnet:silc_toolkit:1.1:*:*:*:*:*:*:*
- cpe:2.3:a:silcnet:silc_toolkit:1.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:silcnet:silc_toolkit:1.1.2:*:*:*:*:*:*:*
- cpe:2.3:a:silcnet:silc_toolkit:1.1.3:*:*:*:*:*:*:*
- cpe:2.3:a:silcnet:silc_toolkit:1.1.4:*:*:*:*:*:*:*
- cpe:2.3:a:silcnet:silc_toolkit:1.1.5:*:*:*:*:*:*:*
- cpe:2.3:a:silcnet:silc_toolkit:1.1.6:*:*:*:*:*:*:*
- cpe:2.3:a:silcnet:silc_toolkit:1.1.8:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

silcnet.org/general/news/news_client.phpnvdPatchVendor Advisory
silcnet.org/general/news/news_toolkit.phpnvdPatchVendor Advisory
www.debian.org/security/2009/dsa-1879nvdPatch
www.securityfocus.com/bid/35940nvdPatch
www.vupen.com/english/advisories/2009/2150nvdPatchVendor Advisory
secunia.com/advisories/36134nvdVendor Advisory
secunia.com/advisories/36614nvdVendor Advisory
silcnet.org/docs/changelog/SILC%20Client%201.1.8nvdVendor Advisory
silcnet.org/docs/changelog/SILC%20Toolkit%201.1.10nvdVendor Advisory
silcnet.org/docs/release/SILC%20Client%201.1.8nvdVendor Advisory
lists.opensuse.org/opensuse-security-announce/2009-10/msg00001.htmlnvd
www.mandriva.com/security/advisoriesnvd
www.mandriva.com/security/advisoriesnvd
www.openwall.com/lists/oss-security/2009/08/31/5nvd
www.openwall.com/lists/oss-security/2009/09/03/5nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.007
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000