Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-0672

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2008-0672
Last Modified 15 Feb 2012 10:31:53
Published 11 Feb 2008 08:00:00
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2008-0672

Summary

The process_chat_input function in TinTin++ 1.97.9 and WinTin++ 1.97.9 allows remote attackers to cause a denial of service (application crash) via a YES message without a newline character, which triggers a NULL dereference.

Vulnerable Systems

Application

  • Tintin Wintin%2b%2b 1.97.9

  • Tintin%2b%2b 1.97.9


References

VUPEN - ADV-2008-0449

BID - 27660

BUGTRAQ - 20080206 Chat vulnerabilities in TinTin++ 1.97.9

SECUNIA - 28833

MISC - http://aluigi.altervista.org/adv/rintintin-adv.txt

SREASON - 3632

GENTOO - GLSA-201111-07


Last Updated: 27 May 2016 10:57:26