8 matches found
CVE-2026-49097 Apache Camel: Camel-IRC: The irc.sendTo (and other irc.*) Exchange header constants used non-Camel-prefixed names that bypass the HTTP header filter, allowing an HTTP client to redirect outgoing IRC messages to arbitrary channels or users
Improper Input Validation, Improper Neutralization of Special Elements in Output Used by a Downstream Component 'Injection' vulnerability in Apache Camel IRC component. The camel-irc producer chooses the destination of an outgoing IRC message from the irc.sendTo Exchange header the constant...
CVE-2026-49097
CVE-2026-49097 affects Apache Camel’s Camel-IRC component. The issue arises when outbound IRC message destinations are taken from non-Camel header names (irc.sendTo and related irc.* headers), which bypass the HTTP header filter. In routes bridging HTTP to irc:, an attacker could set irc.sendTo t...
CVE-2026-49097 Apache Camel: Camel-IRC: The irc.sendTo (and other irc.*) Exchange header constants used non-Camel-prefixed names that bypass the HTTP header filter, allowing an HTTP client to redirect outgoing IRC messages to arbitrary channels or users
Improper Input Validation, Improper Neutralization of Special Elements in Output Used by a Downstream Component 'Injection' vulnerability in Apache Camel IRC component. The camel-irc producer chooses the destination of an outgoing IRC message from the irc.sendTo Exchange header the constant...
CVE-2007-2478
Multiple heap-based buffer overflows in the IRC component in Cerulean Studios Trillian Pro before 3.1.5.1 allow remote attackers to corrupt memory and possibly execute arbitrary code via 1 a URL with a long UTF-8 string, which triggers the overflow when the user highlights it, or 2 a font HTML ta...
CVE-2007-2478
CVE-2007-2478 affects Cerulean Studios Trillian Pro’s IRC component prior to 3.1.5.1. It describes two heap-based buffer overflows triggered by long UTF-8 data: (1) a URL with a long UTF-8 string highlighted by the user, and (2) a font HTML tag with a face attribute containing a long UTF-8 string...
CVE-2007-2478
Multiple heap-based buffer overflows in the IRC component in Cerulean Studios Trillian Pro before 3.1.5.1 allow remote attackers to corrupt memory and possibly execute arbitrary code via 1 a URL with a long UTF-8 string, which triggers the overflow when the user highlights it, or 2 a font HTML ta...
CVE-2002-1487
The IRC component of Trillian 0.73 and 0.74 allows remote malicious IRC servers to cause a denial of service crash by sending the raw messages 1 206, 2 211, 3 213, 4 214, 5 215, 6 217, 7 218, 8 243, 9 302, 10 317, 11 324, 12 332, 13 333, 14 352, and 15 367...
CVE-2002-1487
The IRC component of Trillian 0.73 and 0.74 allows remote malicious IRC servers to cause a denial of service crash by sending the raw messages 1 206, 2 211, 3 213, 4 214, 5 215, 6 217, 7 218, 8 243, 9 302, 10 317, 11 324, 12 332, 13 333, 14 352, and 15 367...