Lucene search
K

79 matches found

OSV
OSV
added 2017/01/18 5:59 p.m.19 views

CVE-2016-2233

Stack-based buffer overflow in the inboundcapls function in common/inbound.c in HexChat 2.10.2 allows remote IRC servers to cause a denial of service crash via a large number of options in a CAP LS message...

7.5CVSS7.1AI score
Exploits0References3
OSV
OSV
added 2017/01/18 5:59 p.m.1 views

UBUNTU-CVE-2016-2087

Directory traversal vulnerability in the client in HexChat 2.11.0 allows remote IRC servers to read or modify arbitrary files via a .. dot dot in the server name...

7.4CVSS7.2AI score0.09447EPSS
Exploits5References4
Cvelist
Cvelist
added 2017/01/18 5:0 p.m.21 views

CVE-2016-2233

Stack-based buffer overflow in the inboundcapls function in common/inbound.c in HexChat 2.10.2 allows remote IRC servers to cause a denial of service crash via a large number of options in a CAP LS message...

7.5AI score0.34652EPSS
Exploits5References3
Cvelist
Cvelist
added 2017/01/18 5:0 p.m.17 views

CVE-2016-2087

Directory traversal vulnerability in the client in HexChat 2.11.0 allows remote IRC servers to read or modify arbitrary files via a .. dot dot in the server name...

7.3AI score0.09447EPSS
Exploits5References3
CVE
CVE
added 2017/01/18 5:0 p.m.61 views

CVE-2016-2233

CVE-2016-2233 affects HexChat 2.10.2, with a stack-based buffer overflow in inbound_cap_ls (common/inbound.c) that allows remote IRC servers to crash the client by sending many CAP LS options. This is documented across multiple feeds (NVD, OSV, Debian tracker, CNVD, CVE lists) confirming the vuln...

7.5CVSS7.4AI score0.34652EPSS
Exploits5References3Affected Software1
Debian CVE
Debian CVE
added 2017/01/18 5:0 p.m.42 views

CVE-2016-2233

Stack-based buffer overflow in the inboundcapls function in common/inbound.c in HexChat 2.10.2 allows remote IRC servers to cause a denial of service crash via a large number of options in a CAP LS message...

7.5CVSS7.5AI score0.34652EPSS
Exploits5
CVE
CVE
added 2017/01/18 5:0 p.m.173 views

CVE-2016-2087

HexChat 2.11.0 contains a directory traversal vulnerability in the client that allows a remote IRC server to read or modify arbitrary files via a ... in the server name. Multiple connected advisories confirm affected software and fixed/mitigation status: OSV and Debian advisories indicate the iss...

7.4CVSS7.2AI score0.09447EPSS
Exploits5References3Affected Software1
Debian CVE
Debian CVE
added 2017/01/18 5:0 p.m.38 views

CVE-2016-2087

Directory traversal vulnerability in the client in HexChat 2.11.0 allows remote IRC servers to read or modify arbitrary files via a .. dot dot in the server name...

7.4CVSS7.3AI score0.09447EPSS
Exploits5
CNVD
CNVD
added 2016/04/28 12:0 a.m.4 views

HexChat-GNOME Man-in-the-Middle Attack Vulnerability

HexChat formerly known as XChat-WDK, XChat and XChat-GNOME are all IRC a form of instant chat over the Internet communication programs. Versions of XChat,XChat-GNOME prior to HexChat 2.10.2 suffer from a man-in-the-middle attack vulnerability, which allows a man-in-the-middle attacker to spoof SS...

6.5CVSS6.9AI score0.00757EPSS
Exploits0References1
OSV
OSV
added 2016/04/21 2:59 p.m.4 views

UBUNTU-CVE-2013-7449

The ssldoconnect function in common/server.c in HexChat before 2.10.2, XChat, and XChat-GNOME does not verify that the server hostname matches a domain name in the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate...

6.5CVSS6.7AI score0.00757EPSS
Exploits0References7
UbuntuCve
UbuntuCve
added 2016/04/21 2:59 p.m.22 views

CVE-2013-7449

The ssldoconnect function in common/server.c in HexChat before 2.10.2, XChat, and XChat-GNOME does not verify that the server hostname matches a domain name in the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate...

6.5CVSS6.7AI score0.00757EPSS
Exploits0References6
NVD
NVD
added 2016/04/21 2:59 p.m.24 views

CVE-2013-7449

The ssldoconnect function in common/server.c in HexChat before 2.10.2, XChat, and XChat-GNOME does not verify that the server hostname matches a domain name in the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate...

6.5CVSS6.3AI score0.00757EPSS
Exploits0References5
OSV
OSV
added 2016/04/21 2:59 p.m.6 views

CVE-2013-7449

The ssldoconnect function in common/server.c in HexChat before 2.10.2, XChat, and XChat-GNOME does not verify that the server hostname matches a domain name in the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate...

6.5CVSS6.6AI score
Exploits0References5
Cvelist
Cvelist
added 2016/04/21 2:0 p.m.30 views

CVE-2013-7449

The ssldoconnect function in common/server.c in HexChat before 2.10.2, XChat, and XChat-GNOME does not verify that the server hostname matches a domain name in the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate...

6.3AI score0.00757EPSS
Exploits0References5
Debian CVE
Debian CVE
added 2016/04/21 2:0 p.m.22 views

CVE-2013-7449

The ssldoconnect function in common/server.c in HexChat before 2.10.2, XChat, and XChat-GNOME does not verify that the server hostname matches a domain name in the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate...

6.5CVSS6.3AI score0.00757EPSS
Exploits0
seebug.org
seebug.org
added 2016/04/06 12:0 a.m.20 views

Hexchat IRC Client缓冲区溢出漏洞

No description provided by source...

7.1AI score
Exploits0
CNVD
CNVD
added 2016/04/06 12:0 a.m.25 views

Hexchat IRC Client Stack Buffer Overflow Vulnerability

Hexchat formerly known as XChat-WDK is a cross-platform IRC Instant Chat over the Internet communications software. Hexchat IRC Client is one of the IRC client products based on XChat. Hexchat IRC Client version 2.11.0 suffers from a stack buffer overflow vulnerability in the 'inboundcapls'...

7.5CVSS7AI score0.34652EPSS
Exploits5References1
CNVD
CNVD
added 2016/04/06 12:0 a.m.2 views

Hexchat IRC Client Directory Traversal Vulnerability

Hexchat formerly known as XChat-WDK is a cross-platform IRC Instant Chat over the Internet communications software. Hexchat IRC Client is one of the IRC client products based on XChat. Hexchat IRC Client version 2.11.0 has a directory traversal vulnerability in the 'logcreatepathname' function in...

7.4CVSS7AI score0.09447EPSS
Exploits5References1
Packet Storm
Packet Storm
added 2016/04/05 12:0 a.m.33 views

Hexchat IRC Client 2.11.0 CAP LS Handling Buffer Overflow

!/usr/bin/python Meta information Exploit Title: Hexchat IRC client - CAP LS Handling Stack Buffer Overflow Date: 2016-02-07 Exploit Author: PizzaHatHacker Vendor Homepage: https://hexchat.github.io/index.html Software Link: https://hexchat.github.io/downloads.html Version: 2.11.0 Tested on:...

6.6CVSS7.6AI score0.34652EPSS
Exploits5
Packet Storm
Packet Storm
added 2016/04/05 12:0 a.m.32 views

Hexchat IRC Client 2.11.0 Directory Traversal

!/usr/bin/python Meta information Exploit Title: Hexchat IRC client - Server name log directory traversal Date: 2016-01-26 Exploit Author: PizzaHatHacker Vendor Homepage: https://hexchat.github.io/index.html Software Link: https://hexchat.github.io/downloads.html Version: 2.11.0 Tested on: HexCha...

4.8CVSS7.4AI score0.09447EPSS
Exploits5
Rows per page
Query Builder