CVE-2018-17231

** DISPUTED ** Telegram Desktop (aka tdesktop) 1.3.14 might allow attackers to cause a denial of service (assertion failure and application exit) via an "Edit color palette" search that triggers an "index out of range" condition. NOTE: this issue is disputed by multiple third parties because the described attack scenario does not cross a privilege boundary.
References
Link Resource
https://www.openwall.com/lists/oss-security/2018/09/19/8 Exploit Mailing List Third Party Advisory
Configurations

Configuration 1 (hide)

cpe:2.3:a:telegram:telegram_desktop:1.3.14:*:*:*:*:*:*:*

History

No history.

Information

Published : 2018-09-19 22:29

Updated : 2024-08-05 11:15


NVD link : CVE-2018-17231

Mitre link : CVE-2018-17231

CVE.ORG link : CVE-2018-17231


JSON object : View

Products Affected

telegram

  • telegram_desktop
CWE
CWE-617

Reachable Assertion