{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2011-11-25T00:00:00", "descriptions": [{"lang": "en", "value": "Heap-based buffer overflow in XChat 2.8.9 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long response string."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2013-02-14T10:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "50820", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/50820"}, {"name": "1027468", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id?1027468"}, {"name": "77629", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://www.osvdb.org/77629"}, {"name": "18159", "tags": ["exploit", "x_refsource_EXPLOIT-DB"], "url": "http://www.exploit-db.com/exploits/18159"}, {"tags": ["x_refsource_MISC"], "url": "http://packetstormsecurity.org/files/107312/xchat-dos.txt"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2011-5129", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Heap-based buffer overflow in XChat 2.8.9 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long response string."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "50820", "refsource": "BID", "url": "http://www.securityfocus.com/bid/50820"}, {"name": "1027468", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id?1027468"}, {"name": "77629", "refsource": "OSVDB", "url": "http://www.osvdb.org/77629"}, {"name": "18159", "refsource": "EXPLOIT-DB", "url": "http://www.exploit-db.com/exploits/18159"}, {"name": "http://packetstormsecurity.org/files/107312/xchat-dos.txt", "refsource": "MISC", "url": "http://packetstormsecurity.org/files/107312/xchat-dos.txt"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T00:23:40.241Z"}, "title": "CVE Program Container", "references": [{"name": "50820", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/50820"}, {"name": "1027468", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id?1027468"}, {"name": "77629", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://www.osvdb.org/77629"}, {"name": "18159", "tags": ["exploit", "x_refsource_EXPLOIT-DB", "x_transferred"], "url": "http://www.exploit-db.com/exploits/18159"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://packetstormsecurity.org/files/107312/xchat-dos.txt"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2011-5129", "datePublished": "2012-08-30T22:00:00", "dateReserved": "2012-08-30T00:00:00", "dateUpdated": "2024-08-07T00:23:40.241Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:xchat:xchat:*:*:*:*:*:*:*:*", "matchCriteriaId": "251F8C65-B10B-477E-86B0-43821EB35A95", "versionEndIncluding": "2.8.9", "vulnerable": true}, {"criteria": "cpe:2.3:a:xchat:xchat:1.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "0B8C5104-52ED-42EC-97A5-05D345597496", "vulnerable": true}, {"criteria": "cpe:2.3:a:xchat:xchat:1.3.9:*:*:*:*:*:*:*", "matchCriteriaId": "DAF68327-9D45-41F3-B120-C9E71A0A3259", "vulnerable": true}, {"criteria": "cpe:2.3:a:xchat:xchat:1.3.10:*:*:*:*:*:*:*", "matchCriteriaId": "07373BC7-F34E-47A2-9057-64C04C45EA26", "vulnerable": true}, {"criteria": "cpe:2.3:a:xchat:xchat:1.3.11:*:*:*:*:*:*:*", "matchCriteriaId": "F18504E4-03C8-45C9-B89D-86327D5663D8", "vulnerable": true}, {"criteria": "cpe:2.3:a:xchat:xchat:1.3.12:*:*:*:*:*:*:*", "matchCriteriaId": "3F6EE47C-0AE8-4CCD-8A2D-54E55BE9C7D6", "vulnerable": true}, {"criteria": "cpe:2.3:a:xchat:xchat:1.3.13:*:*:*:*:*:*:*", "matchCriteriaId": "103E7180-AFF5-4EBF-A9FD-EFE2A6C00256", "vulnerable": true}, {"criteria": "cpe:2.3:a:xchat:xchat:1.4:*:*:*:*:*:*:*", "matchCriteriaId": "D371520F-1F2D-4EAB-A4D1-5CD13DBF6C62", "vulnerable": true}, {"criteria": "cpe:2.3:a:xchat:xchat:1.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "4CA8BBE2-4ABE-4574-9BD7-A26F2FF25333", "vulnerable": true}, {"criteria": "cpe:2.3:a:xchat:xchat:1.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "74588BF3-4DA4-410B-8416-C90E7F446238", "vulnerable": true}, {"criteria": "cpe:2.3:a:xchat:xchat:1.4.3:*:*:*:*:*:*:*", "matchCriteriaId": "07D90F28-4BD2-4581-A8B7-ED90A9ECEF53", "vulnerable": true}, {"criteria": "cpe:2.3:a:xchat:xchat:1.5.6:*:*:*:*:*:*:*", "matchCriteriaId": "721836E8-A4B6-46D6-BEDD-9B269DDB0525", "vulnerable": true}, {"criteria": "cpe:2.3:a:xchat:xchat:1.8.0:*:*:*:*:*:*:*", "matchCriteriaId": "06627FAB-2A5B-428D-A081-9628DC55E4AB", "vulnerable": true}, {"criteria": "cpe:2.3:a:xchat:xchat:1.8.1:*:*:*:*:*:*:*", "matchCriteriaId": "655D162F-1944-4D88-A2C0-825F7EED0BAA", "vulnerable": true}, {"criteria": "cpe:2.3:a:xchat:xchat:1.8.2:*:*:*:*:*:*:*", "matchCriteriaId": "5C5454B5-AC2F-4B8E-BC20-2273472D0401", "vulnerable": true}, {"criteria": "cpe:2.3:a:xchat:xchat:1.8.3:*:*:*:*:*:*:*", "matchCriteriaId": "B4BEFD40-62D5-4007-9D35-6865D6482D89", "vulnerable": true}, {"criteria": "cpe:2.3:a:xchat:xchat:1.8.4:*:*:*:*:*:*:*", "matchCriteriaId": "A0F904EA-16E1-401B-BD5A-1A9B5B32E6A7", "vulnerable": true}, {"criteria": "cpe:2.3:a:xchat:xchat:1.8.5:*:*:*:*:*:*:*", "matchCriteriaId": "D02490BD-4B30-4213-A03E-443CAEE6C3DE", "vulnerable": true}, {"criteria": "cpe:2.3:a:xchat:xchat:1.8.6:*:*:*:*:*:*:*", "matchCriteriaId": "55162523-7648-4F94-BE7B-0B7E2EE598FD", "vulnerable": true}, {"criteria": "cpe:2.3:a:xchat:xchat:1.8.7:*:*:*:*:*:*:*", "matchCriteriaId": "83CC33D0-37D8-4C9C-BD89-560DFFF77F0A", "vulnerable": true}, {"criteria": "cpe:2.3:a:xchat:xchat:1.8.8:*:*:*:*:*:*:*", "matchCriteriaId": "64EE28DD-21CB-4DC3-91CE-E74B3D3F0F3E", "vulnerable": true}, {"criteria": "cpe:2.3:a:xchat:xchat:1.8.9:*:*:*:*:*:*:*", "matchCriteriaId": "BC2A5D0A-9C46-4631-BE22-472B0E748FB1", "vulnerable": true}, {"criteria": "cpe:2.3:a:xchat:xchat:1.9.0:*:*:*:*:*:*:*", "matchCriteriaId": "62820427-7013-4C10-AC31-BE11764F782F", "vulnerable": true}, {"criteria": "cpe:2.3:a:xchat:xchat:1.9.1:*:*:*:*:*:*:*", "matchCriteriaId": "E19C5E12-5A0B-4225-8409-BEA5BD2CD31B", "vulnerable": true}, {"criteria": "cpe:2.3:a:xchat:xchat:1.9.2:*:*:*:*:*:*:*", "matchCriteriaId": "90D3F7D0-36F9-42DF-AA2F-658C767F9CAE", "vulnerable": true}, {"criteria": "cpe:2.3:a:xchat:xchat:1.9.3:*:*:*:*:*:*:*", "matchCriteriaId": "90006D01-8C0D-45DA-BF65-901E95C149BB", "vulnerable": true}, {"criteria": "cpe:2.3:a:xchat:xchat:1.9.4:*:*:*:*:*:*:*", "matchCriteriaId": "7767D8F8-0AC6-473F-BEFA-0FA3EB88E7CF", "vulnerable": true}, {"criteria": "cpe:2.3:a:xchat:xchat:1.9.5:*:*:*:*:*:*:*", "matchCriteriaId": "6EB78C64-BA92-4B41-83F0-22AF8F26F930", "vulnerable": true}, {"criteria": "cpe:2.3:a:xchat:xchat:1.9.6:*:*:*:*:*:*:*", "matchCriteriaId": "9E2D2DE3-1278-44F9-996D-A2102690D88F", "vulnerable": true}, {"criteria": "cpe:2.3:a:xchat:xchat:1.9.7:*:*:*:*:*:*:*", "matchCriteriaId": "1E571CEA-967E-4A99-B742-80E96C3275B5", "vulnerable": true}, {"criteria": "cpe:2.3:a:xchat:xchat:1.9.8:*:*:*:*:*:*:*", "matchCriteriaId": "DFEE0D77-576D-4A80-BD29-39EA6602C2AC", "vulnerable": true}, {"criteria": "cpe:2.3:a:xchat:xchat:1.9.9:*:*:*:*:*:*:*", "matchCriteriaId": "D3221D9F-F47B-4DD5-8328-EBFC27549F98", "vulnerable": true}, {"criteria": "cpe:2.3:a:xchat:xchat:2.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "C6109751-01D8-4585-A19C-F4F0D03FB82A", "vulnerable": true}, {"criteria": "cpe:2.3:a:xchat:xchat:2.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "10CFC601-73D7-4341-9606-D02128B86F8C", "vulnerable": true}, {"criteria": "cpe:2.3:a:xchat:xchat:2.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "14124429-8DF7-44BB-8CBB-C4E04DB4FD99", "vulnerable": true}, {"criteria": "cpe:2.3:a:xchat:xchat:2.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "08F7D59F-A504-45B7-B8D8-6F3AB799788A", "vulnerable": true}, {"criteria": "cpe:2.3:a:xchat:xchat:2.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "72AF16EE-1B98-448F-8575-1EABFCD7CBEB", "vulnerable": true}, {"criteria": "cpe:2.3:a:xchat:xchat:2.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "AB08B68B-C557-4285-9AAD-226EADD84DC9", "vulnerable": true}, {"criteria": "cpe:2.3:a:xchat:xchat:2.0.6:*:*:*:*:*:*:*", "matchCriteriaId": "2191D045-A2A9-47E0-A5CB-A4FF7C7D7179", "vulnerable": true}, {"criteria": "cpe:2.3:a:xchat:xchat:2.0.7:*:*:*:*:*:*:*", "matchCriteriaId": "638F3791-6343-498F-9BE2-73175606F6F7", "vulnerable": true}, {"criteria": "cpe:2.3:a:xchat:xchat:2.0.8:*:*:*:*:*:*:*", "matchCriteriaId": "6EFB0F36-CFF1-41F8-AC43-D00165639DBE", "vulnerable": true}, {"criteria": "cpe:2.3:a:xchat:xchat:2.6.7:*:*:*:*:*:*:*", "matchCriteriaId": "673B2CA0-C2D3-441C-9946-7FE12FB4BCBA", "vulnerable": true}, {"criteria": "cpe:2.3:a:xchat:xchat:2.8.0:*:*:*:*:*:*:*", "matchCriteriaId": "3C2CE006-DAA0-40BA-A291-EBBC07147D68", "vulnerable": true}, {"criteria": "cpe:2.3:a:xchat:xchat:2.8.1:*:*:*:*:*:*:*", "matchCriteriaId": "1D92D905-9E86-40CE-ADF1-F561A2FC2F94", "vulnerable": true}, {"criteria": "cpe:2.3:a:xchat:xchat:2.8.3:*:*:*:*:*:*:*", "matchCriteriaId": "8649CA9A-87C6-4C89-A47A-2BE3E1025447", "vulnerable": true}, {"criteria": "cpe:2.3:a:xchat:xchat:2.8.3:c:*:*:*:*:*:*", "matchCriteriaId": "096F6B6A-E7A7-439C-BB04-D53D345B5936", "vulnerable": true}, {"criteria": "cpe:2.3:a:xchat:xchat:2.8.3:e:*:*:*:*:*:*", "matchCriteriaId": "35FBBED7-FF29-411B-BE9A-C499D3CF64C0", "vulnerable": true}, {"criteria": "cpe:2.3:a:xchat:xchat:2.8.4:*:*:*:*:*:*:*", "matchCriteriaId": "795E05AC-3F7B-41A9-B3DE-D8A375873642", "vulnerable": true}, {"criteria": "cpe:2.3:a:xchat:xchat:2.8.5:b:*:*:*:*:*:*", "matchCriteriaId": "37C966CE-BA65-408F-BE1E-006F0C3DBAD8", "vulnerable": true}, {"criteria": "cpe:2.3:a:xchat:xchat:2.8.5:e:*:*:*:*:*:*", "matchCriteriaId": "4048F9F4-E94D-445A-A228-5899A5CE7BCD", "vulnerable": true}, {"criteria": "cpe:2.3:a:xchat:xchat:2.8.6:*:*:*:*:*:*:*", "matchCriteriaId": "1FF7EF6E-C303-45F0-83B3-149EF2B269BA", "vulnerable": true}, {"criteria": "cpe:2.3:a:xchat:xchat:2.8.7:a:*:*:*:*:*:*", "matchCriteriaId": "036260CB-9B35-41D4-BF8D-1FF55F3851C0", "vulnerable": true}, {"criteria": "cpe:2.3:a:xchat:xchat:2.8.7:b:*:*:*:*:*:*", "matchCriteriaId": "2215683D-9A27-47BC-A39F-92C134A236A3", "vulnerable": true}, {"criteria": "cpe:2.3:a:xchat:xchat:2.8.7:c:*:*:*:*:*:*", "matchCriteriaId": "ABDDDBC6-8A14-4596-9811-C202C48AA8E8", "vulnerable": true}, {"criteria": "cpe:2.3:a:xchat:xchat:2.8.7:d:*:*:*:*:*:*", "matchCriteriaId": "D212BF9E-CC88-48A9-B336-FECEC0672114", "vulnerable": true}, {"criteria": "cpe:2.3:a:xchat:xchat:2.8.7:e:*:*:*:*:*:*", "matchCriteriaId": "AEB4C892-87AA-4211-9B7B-9FA3E70F6DF1", "vulnerable": true}, {"criteria": "cpe:2.3:a:xchat:xchat:2.8.7:f:*:*:*:*:*:*", "matchCriteriaId": "B689B885-363C-46FC-9EE5-2DC1EE617102", "vulnerable": true}, {"criteria": "cpe:2.3:a:xchat:xchat:2.8.7b:*:*:*:*:*:*:*", "matchCriteriaId": "D9A942FC-C19B-4585-91AF-8ECFD6D76CBB", "vulnerable": true}, {"criteria": "cpe:2.3:a:xchat:xchat:2.8.8:*:*:*:*:*:*:*", "matchCriteriaId": "B9923817-4F47-4622-BF41-B9391006F698", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Heap-based buffer overflow in XChat 2.8.9 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long response string."}, {"lang": "es", "value": "Desbordamiento de b\u00fafer basado en memoria din\u00e1mica en XChat v2.8.9 y anterior permite a atacantes remotos causar una denegaci\u00f3n de servicio (ca\u00edda) y posiblemente la ejecuci\u00f3n de c\u00f3digo arbitrario a trav\u00e9s de una cadena de respuesta larga."}], "id": "CVE-2011-5129", "lastModified": "2025-04-11T00:51:21.963", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2012-08-30T22:55:03.733", "references": [{"source": "cve@mitre.org", "tags": ["Exploit"], "url": "http://packetstormsecurity.org/files/107312/xchat-dos.txt"}, {"source": "cve@mitre.org", "tags": ["Exploit"], "url": "http://www.exploit-db.com/exploits/18159"}, {"source": "cve@mitre.org", "url": "http://www.osvdb.org/77629"}, {"source": "cve@mitre.org", "tags": ["Exploit"], "url": "http://www.securityfocus.com/bid/50820"}, {"source": "cve@mitre.org", "url": "http://www.securitytracker.com/id?1027468"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit"], "url": "http://packetstormsecurity.org/files/107312/xchat-dos.txt"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit"], "url": "http://www.exploit-db.com/exploits/18159"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.osvdb.org/77629"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit"], "url": "http://www.securityfocus.com/bid/50820"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id?1027468"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-119"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"bugzilla": {"description": "xchat: Heap-based buffer overflow (crash, ACE) via long response string", "id": "853321", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=853321"}, "csaw": false, "cvss": {"cvss_base_score": "4.3", "cvss_scoring_vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "status": "draft"}, "cwe": "CWE-122", "details": ["Heap-based buffer overflow in XChat 2.8.9 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long response string."], "name": "CVE-2011-5129", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:5", "fix_state": "Not affected", "package_name": "xchat", "product_name": "Red Hat Enterprise Linux 5"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "xchat", "product_name": "Red Hat Enterprise Linux 6"}], "public_date": "2012-08-31T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2011-5129\nhttps://nvd.nist.gov/vuln/detail/CVE-2011-5129"], "statement": "This bug is not a security issue. For detailed explanation, refer to: \nhttps://bugzilla.redhat.com/show_bug.cgi?id=853321#c4"}