CVE-2016-7553
- Source
- https://cve.org/CVERecord?id=CVE-2016-7553
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2016-7553.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2016-7553
- Downstream
- Related
- Published
- 2017-02-27T22:59:00.480Z
- Modified
- 2026-03-13T14:19:42.014142Z
- Severity
-
- 3.3 (Low) CVSS_V3 - CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N CVSS Calculator
- Summary
- [none]
- Details
-
The buf.pl script before 2.20 in Irssi before 0.8.20 uses weak permissions for the scrollbuffer dump file created between upgrades, which might allow local users to obtain sensitive information from private chat conversations by reading the file.
- References
-
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7OM3WHWQ7RIAOZSOZZUM4CUYGKSIAGJJ/
- http://www.securityfocus.com/bid/93155
- https://github.com/irssi/scripts.irssi.org/commit/f1b1eb154baa684fad5d65bf4dff79c8ded8b65a
- https://irssi.org/security/buf_pl_sa_2016.txt
- http://www.openwall.com/lists/oss-security/2016/09/24/1
- http://www.openwall.com/lists/oss-security/2016/09/26/4
Affected packages
Git / github.com/irssi/scripts.irssi.org
Affected ranges
- Type
- GIT
- Repo
- https://github.com/irssi/scripts.irssi.org
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixed
- Type
- GIT
- Repo
- https://github.com/irssi/scripts.irssi.org
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixed
Database specific
unresolved_ranges
[
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "2.13"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2.20"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"fixed": "0.8.20"
}
]
}
]
source
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2016-7553.json"