1
Candidate: CVE-2015-5309
4
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5309
5
http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-ech-overflow.html
7
Integer overflow in the terminal emulator in PuTTY before 0.66 allows
8
remote attackers to cause a denial of service (memory corruption) or
9
possibly execute arbitrary code via an ECH (erase characters) escape
10
sequence with a large parameter value, which triggers a buffer underflow.
13
sbeattie> vuln between 0.54 and 0.65 inclusive
20
upstream: http://tartarus.org/~simon-git/gitweb/?p=putty.git;a=commitdiff;h=6056396f77cafc7e40da4d09f1d6212408dcb065
21
upstream_putty: released (0.66-1)
22
precise_putty: ignored (reached end-of-life)
23
precise/esm_putty: DNE (precise was needed)
25
vivid_putty: released (0.63-10+deb8u1build0.15.04.1)
26
vivid/stable-phone-overlay_putty: DNE
27
vivid/ubuntu-core_putty: DNE
28
wily_putty: ignored (reached end-of-life)
29
xenial_putty: not-affected (0.66-1)
30
yakkety_putty: not-affected (0.66-1)
31
zesty_putty: not-affected (0.66-1)
32
artful_putty: not-affected (0.66-1)
33
bionic_putty: not-affected (0.66-1)
34
devel_putty: not-affected (0.66-1)