CyberSec.Space Logo
Back to CVE Browser

CVE-2008-0671

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1300%
EPSS Percentile15.31th
PublishedFeb 12, 2008
Last ModifiedApr 23, 2026

Vulnerability Description

Stack-based buffer overflow in the add_line_buffer function in TinTin++ 1.97.9 and WinTin++ 1.97.9 allows remote attackers to execute arbitrary code via a long chat message, related to conversion from LF to CRLF.

Affected Platforms (CPE)

πŸ“¦
Tintin

Tintin\+\+

= 1.97.9
πŸ“¦
Tintin

Wintin\+\+

= 1.97.9

References & Advisories

πŸ”— http://aluigi.altervista.org/adv/rintintin-adv.txt
πŸ”— http://secunia.com/advisories/28833
πŸ”— http://security.gentoo.org/glsa/glsa-201111-07.xml
πŸ”— http://securityreason.com/securityalert/3632
πŸ”— http://www.securityfocus.com/archive/1/487687/100/0/threaded
πŸ”— http://www.securityfocus.com/bid/27660
πŸ”— http://www.vupen.com/english/advisories/2008/0449
πŸ”— http://aluigi.altervista.org/adv/rintintin-adv.txt

Related Vulnerabilities

CVE-2019-76299.8

Stack-based buffer overflow in the strip_vt102_codes function in TinTin++ 2.01.6 and WinTin++ 2.01.6 allows remote attackers to ex...

CVE-2008-06737.5

TinTin++ 1.97.9 and WinTin++ 1.97.9 open files on the basis of an inbound file-transfer request, before the user has an opportunit...

CVE-2008-06725.0

The process_chat_input function in TinTin++ 1.97.9 and WinTin++ 1.97.9 allows remote attackers to cause a denial of service (appli...

CVE-2008-665110.0

Static code injection vulnerability in edithistory.php in OxYProject OxYBox 0.85 allows remote attackers to inject arbitrary PHP c...