Your submission was sent successfully! Close

Thank you for contacting us. A member of our team will be in touch shortly. Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

Search CVE reports

Toggle filters

1 – 4 of 4 results

CVE-2016-2233

Low priority
Vulnerable

Stack-based buffer overflow in the inbound_cap_ls function in common/inbound.c in HexChat 2.10.2 allows remote IRC servers to cause a denial of service (crash) via a large number of options in a CAP LS message.

3 affected packages

hexchat, xchat, xchat-gnome

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
hexchat Not affected Not affected Not affected Not affected Vulnerable
xchat Not in release Not in release Not affected Not affected Not in release
xchat-gnome Not in release Not in release Not in release Not in release Vulnerable
Show less packages

CVE-2016-2087

Low priority
Vulnerable

Directory traversal vulnerability in the client in HexChat 2.11.0 allows remote IRC servers to read or modify arbitrary files via a .. (dot dot) in the server name.

3 affected packages

hexchat, xchat, xchat-gnome

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
hexchat Not affected Not affected Not affected Not affected Vulnerable
xchat Not in release Not in release Not affected Not affected Not in release
xchat-gnome Not in release Not in release Not in release Not in release Vulnerable
Show less packages

CVE-2013-7449

Medium priority

Some fixes available 4 of 6

The ssl_do_connect function in common/server.c in HexChat before 2.10.2, XChat, and XChat-GNOME does not verify that the server hostname matches a domain name in the X.509 certificate, which allows man-in-the-middle attackers to...

3 affected packages

hexchat, xchat, xchat-gnome

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
hexchat Not affected Not affected
xchat Not affected Not in release
xchat-gnome Not in release Not affected
Show less packages

CVE-2011-5129

Medium priority
Ignored

Heap-based buffer overflow in XChat 2.8.9 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long response string.

2 affected packages

xchat, xchat-gnome

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
xchat
xchat-gnome
Show less packages