Computer Security
[EN] securityvulns.ru no-pyccku


Rhapsody IRC client multiplesecurity vulnerabilities
Published:18.03.2007
Source:
SecurityVulns ID:7423
Type:client
Threat Level:
5/10
Description:Multiple buffer overflows and formatstring vulnerabilities.
Affected:RHAPSODY : Rhapsody IRC 0.28
CVE:CVE-2007-1503 (Multiple format string vulnerabilities in comm.c in Rhapsody IRC 0.28b allow remote attackers to execute arbitrary code via format string specifiers to the create_ctcp_message function using the message argument to the (1) me or (2) ctcp commands, and possibly related vectors involving the (3) whois, (4) mode, and (5) topic commands.)
 CVE-2007-1502 (Multiple buffer overflows in Rhapsody IRC 0.28b allow remote attackers to execute arbitrary code via a (1) long command, (2) long server argument to the (a) connect or (b) server commands, (3) long nick argument to the (c) nick command, or a long (4) nick or (5) message argument to the (d) ctcp, (e) chat, (f) notice, (g) message (msg), or (h) query commands.)
Original documentdocumentstarcadi starcadi, Rhapsody IRC 0.28b (NICK) Multiple fs and bof vulnerability (18.03.2007)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod