Lucene search
+L

8 matches found

Cvelist
Cvelist
added 2026/07/06 8:10 a.m.33 views

CVE-2026-49097 Apache Camel: Camel-IRC: The irc.sendTo (and other irc.*) Exchange header constants used non-Camel-prefixed names that bypass the HTTP header filter, allowing an HTTP client to redirect outgoing IRC messages to arbitrary channels or users

Improper Input Validation, Improper Neutralization of Special Elements in Output Used by a Downstream Component 'Injection' vulnerability in Apache Camel IRC component. The camel-irc producer chooses the destination of an outgoing IRC message from the irc.sendTo Exchange header the constant...

0.00428EPSS
Exploits0References1
OSV
OSV
added 2026/07/06 8:10 a.m.4 views

CVE-2026-49097 Apache Camel: Camel-IRC: The irc.sendTo (and other irc.*) Exchange header constants used non-Camel-prefixed names that bypass the HTTP header filter, allowing an HTTP client to redirect outgoing IRC messages to arbitrary channels or users

Improper Input Validation, Improper Neutralization of Special Elements in Output Used by a Downstream Component 'Injection' vulnerability in Apache Camel IRC component. The camel-irc producer chooses the destination of an outgoing IRC message from the irc.sendTo Exchange header the constant...

6.5CVSS6.2AI score0.00428EPSS
Exploits0References4
CVE
CVE
added 2026/07/06 8:10 a.m.16 views

CVE-2026-49097

CVE-2026-49097 affects Apache Camel’s Camel-IRC component. The issue arises when outbound IRC message destinations are taken from non-Camel header names (irc.sendTo and related irc.* headers), which bypass the HTTP header filter. In routes bridging HTTP to irc:, an attacker could set irc.sendTo t...

6.5CVSS6.1AI score0.00428EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2007/05/03 12:19 a.m.16 views

CVE-2007-2478

Multiple heap-based buffer overflows in the IRC component in Cerulean Studios Trillian Pro before 3.1.5.1 allow remote attackers to corrupt memory and possibly execute arbitrary code via 1 a URL with a long UTF-8 string, which triggers the overflow when the user highlights it, or 2 a font HTML ta...

9.3CVSS7.7AI score0.06228EPSS
Exploits0References9
CVE
CVE
added 2007/05/03 12:0 a.m.53 views

CVE-2007-2478

CVE-2007-2478 affects Cerulean Studios Trillian Pro’s IRC component prior to 3.1.5.1. It describes two heap-based buffer overflows triggered by long UTF-8 data: (1) a URL with a long UTF-8 string highlighted by the user, and (2) a font HTML tag with a face attribute containing a long UTF-8 string...

9.3CVSS6.4AI score0.06228EPSS
Exploits0References9Affected Software1
Cvelist
Cvelist
added 2007/05/03 12:0 a.m.25 views

CVE-2007-2478

Multiple heap-based buffer overflows in the IRC component in Cerulean Studios Trillian Pro before 3.1.5.1 allow remote attackers to corrupt memory and possibly execute arbitrary code via 1 a URL with a long UTF-8 string, which triggers the overflow when the user highlights it, or 2 a font HTML ta...

6.4AI score0.06228EPSS
Exploits0References9
NVD
NVD
added 2003/04/02 5:0 a.m.9 views

CVE-2002-1487

The IRC component of Trillian 0.73 and 0.74 allows remote malicious IRC servers to cause a denial of service crash by sending the raw messages 1 206, 2 211, 3 213, 4 214, 5 215, 6 217, 7 218, 8 243, 9 302, 10 317, 11 324, 12 332, 13 333, 14 352, and 15 367...

5CVSS6.6AI score0.13637EPSS
Exploits1References3
Cvelist
Cvelist
added 2003/03/18 5:0 a.m.17 views

CVE-2002-1487

The IRC component of Trillian 0.73 and 0.74 allows remote malicious IRC servers to cause a denial of service crash by sending the raw messages 1 206, 2 211, 3 213, 4 214, 5 215, 6 217, 7 218, 8 243, 9 302, 10 317, 11 324, 12 332, 13 333, 14 352, and 15 367...

6.6AI score0.13637EPSS
Exploits1References3
Rows per page
Query Builder