ALT-PU-2015-1970-1
Closed vulnerabilities
Published: 2015-12-07
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2015-5309
Integer overflow in the terminal emulator in PuTTY before 0.66 allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via an ECH (erase characters) escape sequence with a large parameter value, which triggers a buffer underflow.
Severity: MEDIUM (4.3)
References:
- FEDORA-2015-3d17682c15
- FEDORA-2015-3d17682c15
- FEDORA-2015-5ad4a1f151
- FEDORA-2015-5ad4a1f151
- openSUSE-SU-2015:2023
- openSUSE-SU-2015:2023
- http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-ech-overflow.html
- http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-ech-overflow.html
- DSA-3409
- DSA-3409
- 1034308
- 1034308
- GLSA-201606-01
- GLSA-201606-01