Lucene search

[email protected]CVE-2000-0787

HistoryOct 20, 2000 - 4:00 a.m.

CVE-2000-0787

2000-10-2004:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve

command execution

xchat

irc client

encoding shell metacharacters

remote attack

8.5 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.11 Low

EPSS

Percentile

95.1%

JSON

IRC Xchat client versions 1.4.2 and earlier allows remote attackers to execute arbitrary commands by encoding shell metacharacters into a URL which XChat uses to launch a web browser.

CPENameOperatorVersion
xchat:xchatxchateq1.2.1
xchat:xchatxchateq1.3.10
xchat:xchatxchateq1.4
xchat:xchatxchateq1.5.xdev
xchat:xchatxchateq1.5.6
xchat:xchatxchateq1.3.13
xchat:xchatxchateq1.3.9
xchat:xchatxchateq1.3.12
xchat:xchatxchateq1.4.1
xchat:xchatxchateq1.4.2

CPE	Name	Operator	Version
xchat:xchat	xchat	eq	1.2.1
xchat:xchat	xchat	eq	1.3.10
xchat:xchat	xchat	eq	1.4
xchat:xchat	xchat	eq	1.5.xdev
xchat:xchat	xchat	eq	1.5.6
xchat:xchat	xchat	eq	1.3.13
xchat:xchat	xchat	eq	1.3.9
xchat:xchat	xchat	eq	1.3.12
xchat:xchat	xchat	eq	1.4.1
xchat:xchat	xchat	eq	1.4.2

Rows per page:

1-10 of 111

References

archives.neohapsis.com/archives/bugtraq/2000-08/0215.html

archives.neohapsis.com/archives/bugtraq/2000-08/0301.html

archives.neohapsis.com/archives/bugtraq/2000-08/0305.html

www.redhat.com/support/errata/RHSA-2000-055.html

www.securityfocus.com/bid/1601

8.5 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.11 Low

EPSS

Percentile

95.1%

JSON

Related for CVE-2000-0787

cvelist1