CVE-2020-9759

Name of the Vulnerable Software and Affected Versions LG Electronic web OS TV Emulator (affected versions not specified) WeeChat versions 0.4.0 through 2.7

Description The issue is related to a wrong environment setting that could allow an attacker to escalate privileges and overwrite certain files through crafted configuration files and executable files. Additionally, a malformed message can cause a NULL pointer dereference in the callback function, resulting in a crash.

Recommendations For LG Electronic web OS TV Emulator, at the moment, there is no information about a newer version that contains a fix for this vulnerability. For WeeChat versions 0.4.0 through 2.7, update to version 2.7.1 or later to resolve the issue.