CVE-2009-3163

Metadata

CVE-2009-3163
7.5
silcnet.org, silcnet.org, debian.org, mandriva.com, mandriva.com, openwall.com, openwall.com, securityfocus.com
2009-09-10
2017-06-06 20:21

Description

Multiple format string vulnerabilities in lib/silcclient/command.c in Secure Internet Live Conferencing (SILC) Toolkit before 1.1.10, and SILC Client 1.1.8 and earlier, allow remote attackers to execute arbitrary code via format string specifiers in a channel name, related to (1) silc_client_command_topic, (2) silc_client_command_kick, (3) silc_client_command_leave, and (4) silc_client_command_users.

Related Vulnerabilities

platform vulnerability
CVE-2009-3163