ubuntu · CVE-2017-8073

Quick triage

Priority: medium Published: 2017-04-23 15:59:00 UTC Updated: 2025-08-25 22:39:43 UTC

View at Official ubuntu advisory, NVD, CVE.org · CVE detail

Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.

Tracker summary

CVE-2017-8073 medium priority: Ubuntu including 1 source packages (weechat), 6 status rows across 6 suites (precise, trusty, upstream, xenial, yakkety, zesty): released 5, ignored 1.

Description:

WeeChat before 1.7.1 allows a remote crash by sending a filename via DCC to the IRC plugin. This occurs in the irc_ctcp_dcc_filename_without_quotes function during quote removal, with a buffer overflow.

cvelogic Threat Intelligence