Stack-based buffer overflow in the inboundcapls function in common/inbound.c in HexChat 2.10.2 allows remote IRC servers to cause a denial of service (crash) via a large number of options in a CAP LS message.
{
"binaries": [
{
"binary_name": "hexchat",
"binary_version": "2.10.2-1ubuntu3"
},
{
"binary_name": "hexchat-common",
"binary_version": "2.10.2-1ubuntu3"
},
{
"binary_name": "hexchat-perl",
"binary_version": "2.10.2-1ubuntu3"
},
{
"binary_name": "hexchat-plugins",
"binary_version": "2.10.2-1ubuntu3"
},
{
"binary_name": "hexchat-python",
"binary_version": "2.10.2-1ubuntu3"
}
]
}