{
  "threat_severity" : "Low",
  "public_date" : "2017-06-07T00:00:00Z",
  "bugzilla" : {
    "description" : "irssi: Null pointer dereference while receiving a DCC message without source nick/host",
    "id" : "1459456",
    "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1459456"
  },
  "cvss3" : {
    "cvss3_base_score" : "3.7",
    "cvss3_scoring_vector" : "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
    "status" : "draft"
  },
  "cwe" : "CWE-476",
  "details" : [ "In Irssi before 1.0.3, when receiving a DCC message without source nick/host, it attempts to dereference a NULL pointer. Thus, remote IRC servers can cause a crash.", "A null pointer dereference was found in the way irssi handles DCC messages that do not contain a source nick/host. A malicious IRC server could be used to crash an irssi client by sending a specially crafted DCC message." ],
  "statement" : "Red Hat Product Security has rated this issue as having Low security impact. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/.",
  "package_state" : [ {
    "product_name" : "Red Hat Enterprise Linux 6",
    "fix_state" : "Will not fix",
    "package_name" : "irssi",
    "cpe" : "cpe:/o:redhat:enterprise_linux:6"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7",
    "fix_state" : "Will not fix",
    "package_name" : "irssi",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7"
  } ],
  "references" : [ "https://www.cve.org/CVERecord?id=CVE-2017-9468\nhttps://nvd.nist.gov/vuln/detail/CVE-2017-9468\nhttps://irssi.org/security/irssi_sa_2017_06.txt" ],
  "name" : "CVE-2017-9468",
  "csaw" : false
}