The onReadyRead function in core/coreauthhandler.cpp in Quassel before 0.12.4 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via invalid handshake data.
{ "binaries": [ { "binary_version": "0.12.2-0ubuntu1.16.04.2", "binary_name": "quassel" }, { "binary_version": "0.12.2-0ubuntu1.16.04.2", "binary_name": "quassel-client" }, { "binary_version": "0.12.2-0ubuntu1.16.04.2", "binary_name": "quassel-client-qt4" }, { "binary_version": "0.12.2-0ubuntu1.16.04.2", "binary_name": "quassel-core" }, { "binary_version": "0.12.2-0ubuntu1.16.04.2", "binary_name": "quassel-data" }, { "binary_version": "0.12.2-0ubuntu1.16.04.2", "binary_name": "quassel-qt4" } ] }