← Back

CVE-2010-1155

nvd nist
Published: Apr 16, 2010Modified: Apr 29, 2026

JSON object

Loading...
6.8
Vector
AV:N/AC:M/Au:N/C:P/I:P/A:P
Exploitability: 8.6 / Impact: 6.4
Source: NVD

Description

Irssi before 0.8.15, when SSL is used, does not verify that the server hostname matches a domain name in the subject's Common Name (CN) field or a Subject Alternative Name field of the X.509 certificate, which allows man-in-the-middle attackers to spoof IRC servers via an arbitrary certificate.

Affected (24)

Products: Irssi: Irssi
Irssi
1 product
Irssi
Configuration A
24 vulnerable
Vulnerable SoftwareAffected Versions
Irssi
Irssi
Up to 0.8.15
Irssi
Version 0.8.0
Irssi
Version 0.8.10
Irssi
Version 0.8.10 rc5
Irssi
Version 0.8.10 rc6
Irssi
Version 0.8.10 rc7
Irssi
Version 0.8.10 rc8
Irssi
Version 0.8.11
Irssi
Version 0.8.11 rc1
Irssi
Version 0.8.11 rc2
Irssi
Version 0.8.12
Irssi
Version 0.8.12 rc1
Irssi
Version 0.8.13
Irssi
Version 0.8.13 rc1
Irssi
Version 0.8.14
Irssi
Version 0.8.1
Irssi
Version 0.8.2
Irssi
Version 0.8.3
Irssi
Version 0.8.4
Irssi
Version 0.8.5
Irssi
Version 0.8.6
Irssi
Version 0.8.7
Irssi
Version 0.8.8
Irssi
Version 0.8.9

Related CWEs

CWE-20
Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

References (38)

Source: secalert@redhat.com
Source: secalert@redhat.com
Source: secalert@redhat.com
Source: secalert@redhat.com
Source: secalert@redhat.com
Source: secalert@redhat.com
Source: secalert@redhat.com
Source: secalert@redhat.com
Source: secalert@redhat.com
Source: secalert@redhat.com
Vendor Advisory
Source: secalert@redhat.com
Source: secalert@redhat.com
Source: secalert@redhat.com
Source: secalert@redhat.com
Source: secalert@redhat.com
PatchVendor Advisory
Source: secalert@redhat.com
Source: secalert@redhat.com
Source: secalert@redhat.com
Source: secalert@redhat.com
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
PatchVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.