CVE-2003-0324 — epic - buffer overflows

Description

Buffer overflows in EPIC IRC Client (EPIC4) 1.0.1 allows remote malicious IRC servers to cause a denial of service (crash) and possibly execute arbitrary code via long replies that are not properly handled by the (1) userhost_cmd_returned function, or (2) Statusbar capability.

How to fix CVE-2003-0324

To remediate CVE-2003-0324, upgrade the affected package to a fixed version below.

Debian/epic—upgrade to 3.004-17.1 or later
Debian/epic4—upgrade to 1:1.1.11.20030409-1 or later

Is CVE-2003-0324 being exploited?

Low — EPSS is 0.9%, meaning exploitation activity has not been observed at scale.

Affected packages (2)

from 0, < 3.004-17.1
from 0, < 1:1.1.11.20030409-1

References (1)

ADVISORYsecurity-tracker.debian.org/tracker/CVE-2003-0324