CVE-2019-7629

Stack-based buffer overflow in the strip_vt102_codes function in TinTin++ 2.01.6 and WinTin++ 2.01.6 allows remote attackers to execute arbitrary code by sending a long message to the client.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
9.8 CRITICAL
NETWORK
LOW
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 90%
VendorProductVersion
tintin\+\+_projecttintin\+\+
2.01.6
tintin\+\+_projectwintin\+\+
2.01.6
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
tintin++
bullseye
2.02.03-1
fixed
stretch
no-dsa
jessie
no-dsa
bookworm
2.02.20-1
fixed
sid
2.02.20-1
fixed
trixie
2.02.20-1
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
tintin++
noble
Fixed 2.01.5-2
released
mantic
Fixed 2.01.5-2
released
lunar
Fixed 2.01.5-2
released
kinetic
Fixed 2.01.5-2
released
jammy
Fixed 2.01.5-2
released
impish
Fixed 2.01.5-2
released
hirsute
Fixed 2.01.5-2
released
groovy
Fixed 2.01.5-2
released
focal
Fixed 2.01.5-2
released
eoan
Fixed 2.01.5-2
released
disco
ignored
cosmic
ignored
bionic
needs-triage
xenial
needs-triage
trusty
dne
Common Weakness Enumeration
References
https://tintin.sourceforge.io/forum/viewtopic.php?f=1&t=2584&sid=31b77bb001faea9269bf224280960e29#p10505
https://tintin.sourceforge.io/news.php
https://trustfoundry.net/cve-2019-7629-rce-in-an-open-source-mud-client/
https://tintin.sourceforge.io/forum/viewtopic.php?f=1&t=2584&sid=31b77bb001faea9269bf224280960e29#p10505
https://tintin.sourceforge.io/news.php
https://trustfoundry.net/cve-2019-7629-rce-in-an-open-source-mud-client/