Quassel
by Quassel Irc
CVEs (4)
| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2015-8547 | Hig | 0.49 | 7.5 | 0.02 | Jan 8, 2016 | The CoreUserInputHandler::doMode function in core/coreuserinputhandler.cpp in Quassel 0.10.0 allows remote attackers to cause a denial of service (application crash) via the "/op *" command in a query. | |
| CVE-2015-2779 | 0.00 | — | 0.02 | Apr 10, 2015 | Stack consumption vulnerability in the message splitting functionality in Quassel before 0.12-rc1 allows remote attackers to cause a denial of service (uncontrolled recursion) via a crafted massage. | ||
| CVE-2015-2778 | 0.00 | — | 0.02 | Apr 10, 2015 | Quassel before 0.12-rc1 uses an incorrect data-type size when splitting a message, which allows remote attackers to cause a denial of service (crash) via a long CTCP query containing only multibyte characters. | ||
| CVE-2011-3354 | 0.00 | — | 0.02 | Oct 4, 2011 | The CtcpParser::packedReply method in core/ctcpparser.cpp in Quassel before 0.7.3 allows remote attackers to cause a denial of service (crash) via a crafted Client-To-Client Protocol (CTCP) request, as demonstrated in the wild in September 2011. |