KVIrc 3.4.2 Shiny (uri handler) remote command execution exploit

!-- KVIrc 3.4.2 Shiny uri handler remote command execution exploit by Nine:Situations:Group::strawdog Tested against IE8beta/WINxpsp3 software site: http://www.kvirc.net/?lang=en description: "KVIrc is a Multilanguage, graphical IRC-Client for Windows, Linux, Unix and Mac OS..." A command line...

KVIrc 3.4.2 Shiny - URI handler Remote Command Execution

Heaven and Earth are impartial They see the ten thousand things as straw dogs The wise are impartial a href='ircs6://...

KVIrc 3.4.2 Shiny - URI handler Remote Command Execution

KVIrc 3.4.2 Shiny - URI handler Remote Command Execution Heaven and Earth are impartial They see the ten thousand things as straw dogs The wise are impartial/a...

Design/Logic Flaw

Argument injection vulnerability in XChat 2.8.7b and earlier on Windows, when Internet Explorer is used, allows remote attackers to execute arbitrary commands via the --command parameter in an ircs:// URI...

CVE-2008-2841

Argument injection vulnerability in XChat 2.8.7b and earlier on Windows, when Internet Explorer is used, allows remote attackers to execute arbitrary commands via the --command parameter in an ircs:// URI...

CVE-2008-2841

Argument injection vulnerability in XChat 2.8.7b and earlier on Windows, when Internet Explorer is used, allows remote attackers to execute arbitrary commands via the --command parameter in an ircs:// URI...

CVE-2008-2841

Argument injection vulnerability in XChat 2.8.7b and earlier on Windows, when Internet Explorer is used, allows remote attackers to execute arbitrary commands via the --command parameter in an ircs:// URI...

CVE-2008-2841

Removed by vendor...

CVE-2008-2841

The CVE-2008-2841 entry concerns XChat on Windows (versions 2.8.7b and earlier). The root cause is an argument injection vulnerability that occurs when Internet Explorer is used, allowing remote attackers to execute arbitrary commands via the --command parameter in an ircs:// URI. The connected d...

XChat 2.8.7b - URI Handler Remote Code Execution (Internet Explorer 67)

XChat 2.8.7b - URI Handler Remote Code Execution Internet Explorer 67 Xchat Welcome to my personal website document.location='ircs://[email protected]" --command "shell calc"' milw0rm.com 2008-06-13...

XChat 2.8.7b - 'ircs://' URI Command Execution

source: https://www.securityfocus.com/bid/29696/info XChat is prone to a vulnerability that allows remote attackers to execute arbitrary commands in the context of the vulnerable user. This issue may lead to a remote compromise. The issue arises because of improper handling of the 'ircs://' URI...