CyberSec.Space Logo
CVEブラウザに戻る

CVE-2008-0671

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1300%
EPSS Percentile15.31th
Published2008年2月12日
Last Modified2026年4月23日

Vulnerability Description

Stack-based buffer overflow in the add_line_buffer function in TinTin++ 1.97.9 and WinTin++ 1.97.9 allows remote attackers to execute arbitrary code via a long chat message, related to conversion from LF to CRLF.

Affected Platforms (CPE)

📦
Tintin

Tintin\+\+

= 1.97.9
📦
Tintin

Wintin\+\+

= 1.97.9

References & Advisories

🔗 http://aluigi.altervista.org/adv/rintintin-adv.txt
🔗 http://secunia.com/advisories/28833
🔗 http://security.gentoo.org/glsa/glsa-201111-07.xml
🔗 http://securityreason.com/securityalert/3632
🔗 http://www.securityfocus.com/archive/1/487687/100/0/threaded
🔗 http://www.securityfocus.com/bid/27660
🔗 http://www.vupen.com/english/advisories/2008/0449
🔗 http://aluigi.altervista.org/adv/rintintin-adv.txt

関連する脆弱性情報

CVE-2019-76299.8

Stack-based buffer overflow in the strip_vt102_codes function in TinTin++ 2.01.6 and WinTin++ 2.01.6 allows remote attackers to ex...

CVE-2008-06737.5

TinTin++ 1.97.9 and WinTin++ 1.97.9 open files on the basis of an inbound file-transfer request, before the user has an opportunit...

CVE-2008-06725.0

The process_chat_input function in TinTin++ 1.97.9 and WinTin++ 1.97.9 allows remote attackers to cause a denial of service (appli...

CVE-2008-535310.0

The Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and...