{"id":"CVE-2011-5129","details":"Heap-based buffer overflow in XChat 2.8.9 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long response string.","modified":"2024-06-04T04:55:01.700964Z","published":"2012-08-30T22:55:03Z","withdrawn":"2024-06-30T15:56:31.162513Z","references":[{"type":"EVIDENCE","url":"http://packetstormsecurity.org/files/107312/xchat-dos.txt"},{"type":"EVIDENCE","url":"http://www.exploit-db.com/exploits/18159"},{"type":"EVIDENCE","url":"http://www.securityfocus.com/bid/50820"},{"type":"WEB","url":"http://www.osvdb.org/77629"},{"type":"WEB","url":"http://www.securitytracker.com/id?1027468"}],"affected":[{"package":{"name":"xchat","ecosystem":"Debian:10","purl":"pkg:deb/debian/xchat?arch=source"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["2.8.8-17","2.8.8-18","2.8.8-19","2.8.8-20","2.8.8-21","2.8.8-22"],"ecosystem_specific":{"urgency":"unimportant"},"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2011-5129.json"}}],"schema_version":"1.7.3"}