mirc software vulnerabilities
vulnerabilities.aspcode.net
Searching mirc software vulnerabilities
The DCC server command in the Mirc 5.5 client d
characters
|
different
|
malicious
|
attackers
|
commands
|
allowing
|
properly
|
location
|
possibly
|
attacker
|
doesn't
|
command
|
execute
|
client
|
server
|
remote
|
filter
|
names
|
place
|
Mirc
|
file
|
DCC
|
The DCC server command in the Mirc 5.5 client doesn't filter characters from file names properly, allowing remote attackers to place a malicious file in a different location, possibly allowing the attacker to execute commands.
DDE in mIRC allows local users to launch applic
applications
|
executes
|
executed
|
account
|
another
|
process
|
command
|
message
|
user's
|
allows
|
launch
|
under
|
which
|
other
|
users
|
local
|
mIRC
|
DDE
|
via
|
may
|
DDE in mIRC allows local users to launch applications under another user's account via a DDE message that executes a command, which may be executed by the other user's process.
Buffer overflow in mIRC 5.91 and earlier allows
overflow
|
Buffer
|
mIRC
|
Buffer overflow in mIRC 5.91 and earlier allows a remote server to execute arbitrary code on the client via a long nickname.
Buffer overflow in mIRC 6.0.2 and earlier allow
overflow
|
Buffer
|
mIRC
|
Buffer overflow in mIRC 6.0.2 and earlier allows remote attackers to execute arbitrary code via a long $asctime value.
Buffer overflow in mIRC before 6.11 allows remo
overflow
|
before
|
Buffer
|
mIRC
|
Buffer overflow in mIRC before 6.11 allows remote attackers to execute arbitrary code via a long irc:// URL.
** DISPUTED ** Buffer overflow in mIRC 5.91, 6.
overflow
|
DISPUTED
|
Buffer
|
mIRC
|
** DISPUTED ** Buffer overflow in mIRC 5.91, 6.03, 6.12, and 6.16 allows local users to execute arbitrary code via a long string that is entered after reaching the DCC Get Folder Dialog. NOTE: this issue has been disputed by the vendor, saying "as far as I can tell, this is neither an exploit nor a vulnerability. The above report describes a local bug in mIRC." It could be that this is only exploitable by the user of the application, and thus would not cross privilege boundaries unless under an otherwise restrictive environment such as a kiosk.
** DISPUTED ** Buffer overflow in the font comm
overflow
|
probably
|
DISPUTED
|
command
|
Buffer
|
mIRC
|
font
|
** DISPUTED ** Buffer overflow in the font command of mIRC, probably 6.16, allows local users to execute arbitrary code via a long string. NOTE: the original researcher claims that issue has been disputed by the vendor, and that the vendor stated "as far as I can tell, this is neither an exploit nor a vulnerability. The above report describes a local bug in mIRC." It could be that this is only exploitable by the user of the application, and thus would not cross privilege boundaries unless under an otherwise restrictive environment such as a kiosk.
The URL handling in Windows XP and Windows Serv
handling
|
Windows
|
Server
|
URL
|
The URL handling in Windows XP and Windows Server 2003, with Windows Internet Explorer 7 installed, allows remote attackers to execute arbitrary programs via invalid "%" sequences in a mailto: or other URI handler, as demonstrated using mIRC, Outlook, Firefox, Adobe, Skype, and other applications. NOTE: this issue might be related to other issues involving URL handlers in Windows systems, such as CVE-2007-3845. There also might be separate but closely related issues in the applications that are invoked by the handlers.
Multiple CRLF injection vulnerabilities in the
vulnerabilities
|
user-assisted
|
Integration
|
unspecified
|
attackers
|
arbitrary
|
injection
|
sequences
|
Multiple
|
Advanced
|
commands
|
possibly
|
execute
|
scripts
|
remote
|
Plugin
|
other
|
allow
|
CRLF
|
name
|
song
|
file
|
mIRC
|
mp3
|
IRC
|
via
|
Multiple CRLF injection vulnerabilities in the Advanced mIRC Integration Plugin and possibly other unspecified scripts in mIRC allow user-assisted remote attackers to execute arbitrary IRC commands via CRLF sequences in the name of the song in a .mp3 file.
Multiple unspecified scripts in mIRC allow user
user-assisted
|
unspecified
|
attackers
|
arbitrary
|
Multiple
|
scripts
|
execute
|
remote
|
allow
|
code
|
mIRC
|
'|'
|
via
|
Multiple unspecified scripts in mIRC allow user-assisted remote attackers to execute arbitrary code via the '|' (pipe) shell metacharacter in the name of the song in a .mp3 file.
The mIRC Control Plug-in for Winamp allows user
user-assisted
|
attackers
|
arbitrary
|
execute
|
Control
|
Plug-in
|
remote
|
Winamp
|
allows
|
code
|
mIRC
|
'|'
|
via
|
The mIRC Control Plug-in for Winamp allows user-assisted remote attackers to execute arbitrary code via the '|' (pipe) shell metacharacter in the name of the song in a .mp3 file.
Software vulnerabilities results 1 to 12 of 12
Page:
1