mIRC font Command Local Overflow

2006-01-24T06:11:32
ID OSVDB:22942
Type osvdb
Reporter Jordi Corrales(jordi@shellsec.net)
Modified 2006-01-24T06:11:32

Description

Vulnerability Description

A local overflow exists in mIRC. The product fails to check bounds for font command resulting in a buffer overflow. With a specially crafted request, an attacker can cause arbitrary code execution with the current user privileges resulting in a loss of integrity.

Technical Description

The vendor notes: "As far as I can tell, this is neither an exploit nor a vulnerability. The above report describes a local bug in mIRC. The author of the report indicates that any malicious software on your computer can modify your mIRC settings to cause mIRC to crash. But if you have malicious software on your computer, you've already compromised your security..."

Solution Description

Upgrade to version 6.17 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Short Description

A local overflow exists in mIRC. The product fails to check bounds for font command resulting in a buffer overflow. With a specially crafted request, an attacker can cause arbitrary code execution with the current user privileges resulting in a loss of integrity.

References:

Vendor URL: http://mirc.com/ Other Advisory URL: http://trout.snt.utwente.nl/ubbthreads/showflat.php?Cat=0&Board=bugreports&Number=118751 Other Advisory URL: http://www.securiteam.com/windowsntfocus/5IP080AHPQ.html Other Advisory URL: http://cyruxnet.org/archivo.php?20060121.00 Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2006-01/0435.html Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2006-02/0014.html CVE-2006-0489