VYPR
Unrated severityNVD Advisory· Published Sep 10, 2009· Updated Jun 16, 2026

CVE-2009-3163

CVE-2009-3163

Description

Multiple format string vulnerabilities in lib/silcclient/command.c in Secure Internet Live Conferencing (SILC) Toolkit before 1.1.10, and SILC Client 1.1.8 and earlier, allow remote attackers to execute arbitrary code via format string specifiers in a channel name, related to (1) silc_client_command_topic, (2) silc_client_command_kick, (3) silc_client_command_leave, and (4) silc_client_command_users.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

18
  • Silc/Silc Client8 versions
    cpe:2.3:a:silcnet:silc_client:*:*:*:*:*:*:*:*+ 7 more
    • cpe:2.3:a:silcnet:silc_client:*:*:*:*:*:*:*:*range: <=1.1.8
    • cpe:2.3:a:silcnet:silc_client:1.1.1:*:*:*:*:*:*:*
    • cpe:2.3:a:silcnet:silc_client:1.1.2:*:*:*:*:*:*:*
    • cpe:2.3:a:silcnet:silc_client:1.1.3:*:*:*:*:*:*:*
    • cpe:2.3:a:silcnet:silc_client:1.1.4:*:*:*:*:*:*:*
    • cpe:2.3:a:silcnet:silc_client:1.1.6:*:*:*:*:*:*:*
    • cpe:2.3:a:silcnet:silc_client:1.1.7:*:*:*:*:*:*:*
    • (no CPE)range: <=1.1.8
  • Silc/Silc Toolkit9 versions
    cpe:2.3:a:silcnet:silc_toolkit:*:*:*:*:*:*:*:*+ 8 more
    • cpe:2.3:a:silcnet:silc_toolkit:*:*:*:*:*:*:*:*range: <=1.1.9
    • cpe:2.3:a:silcnet:silc_toolkit:1.1:*:*:*:*:*:*:*
    • cpe:2.3:a:silcnet:silc_toolkit:1.1.1:*:*:*:*:*:*:*
    • cpe:2.3:a:silcnet:silc_toolkit:1.1.2:*:*:*:*:*:*:*
    • cpe:2.3:a:silcnet:silc_toolkit:1.1.3:*:*:*:*:*:*:*
    • cpe:2.3:a:silcnet:silc_toolkit:1.1.4:*:*:*:*:*:*:*
    • cpe:2.3:a:silcnet:silc_toolkit:1.1.5:*:*:*:*:*:*:*
    • cpe:2.3:a:silcnet:silc_toolkit:1.1.6:*:*:*:*:*:*:*
    • cpe:2.3:a:silcnet:silc_toolkit:1.1.8:*:*:*:*:*:*:*

Patches

Vulnerability mechanics

References

9

News mentions

0

No linked articles in our index yet.