CVE-2017-15923

Konversation 1.4.x, 1.5.x, 1.6.x, and 1.7.x before 1.7.3 allow remote attackers to cause a denial of service (crash) via vectors related to parsing of IRC color formatting codes.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.5 HIGH
NETWORK
LOW
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 80%
VendorProductVersion
konversationkonversation
1.4 ≤
𝑥
< 1.7.3
debiandebian_linux
7.0
debiandebian_linux
8.0
debiandebian_linux
9.0
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
konversation
bullseye
20.12.1-1
fixed
bookworm
22.12.3-1
fixed
sid
22.12.3-1
fixed
trixie
22.12.3-1
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
konversation
artful
Fixed 1.7.2-1ubuntu1.1
released
zesty
Fixed 1.6.2-0ubuntu1.1
released
xenial
Fixed 1.6-0ubuntu1.1
released
trusty
Fixed 1.5-1ubuntu1.14.04.2
released
References
https://cgit.kde.org/konversation.git/commit/?h=1.7&id=6a7f59ee1b9dbc6e5cf9e5f3b306504d02b73ef0
https://konversation.kde.org/
https://lists.debian.org/debian-lts-announce/2017/11/msg00020.html
https://www.debian.org/security/2017/dsa-4033
https://cgit.kde.org/konversation.git/commit/?h=1.7&id=6a7f59ee1b9dbc6e5cf9e5f3b306504d02b73ef0
https://konversation.kde.org/
https://lists.debian.org/debian-lts-announce/2017/11/msg00020.html
https://www.debian.org/security/2017/dsa-4033