 |
|
|
|
| Rhapsody IRC client multiplesecurity vulnerabilities | | Published: |  | 18.03.2007 | | Source: |  | BUGTRAQ | | SecurityVulns ID: |  | 7423 | | Type: |  | client | | Level: |  | 5/10 | | Description: |  | Multiple buffer overflows and formatstring vulnerabilities. |
| Affected: |  | RHAPSODY : Rhapsody IRC 0.28 | | CVE: |  | CVE-2007-1503 (Multiple format string vulnerabilities in comm.c in Rhapsody IRC 0.28b allow remote attackers to execute arbitrary code via format string specifiers to the create_ctcp_message function using the message argument to the (1) me or (2) ctcp commands, and possibly related vectors involving the (3) whois, (4) mode, and (5) topic commands.) | | | | CVE-2007-1502 (Multiple buffer overflows in Rhapsody IRC 0.28b allow remote attackers to execute arbitrary code via a (1) long command, (2) long server argument to the (a) connect or (b) server commands, (3) long nick argument to the (c) nick command, or a long (4) nick or (5) message argument to the (d) ctcp, (e) chat, (f) notice, (g) message (msg), or (h) query commands.) |
|
|
|
|
|
|
|
|
