Buffer overflow in mIRC before 6.11 allows remote attackers to execute arbitrary code via a long irc:// URL.
7.9AI Score
0.846EPSS
Buffer overflow in mIRC 6.12, when the DCC get dialog window has been minimized and the user opens the minimized window, allows remote attackers to cause a denial of service (crash) via a long filename.
7.2AI Score
0.011EPSS
Multiple CRLF injection vulnerabilities in the Advanced mIRC Integration Plugin and possibly other unspecified scripts in mIRC allow user-assisted remote attackers to execute arbitrary IRC commands via CRLF sequences in the name of the song in a .mp3 file.
8AI Score
0.019EPSS
Multiple unspecified scripts in mIRC allow user-assisted remote attackers to execute arbitrary code via the '|' (pipe) shell metacharacter in the name of the song in a .mp3 file.
7.7AI Score
0.112EPSS
The mIRC Control Plug-in for Winamp allows user-assisted remote attackers to execute arbitrary code via the '|' (pipe) shell metacharacter in the name of the song in a .mp3 file.
7.6AI Score
0.04EPSS
Stack-based buffer overflow in mIRC 6.34 allows remote attackers to execute arbitrary code via a long hostname in a PRIVMSG message.
7.8AI Score
0.832EPSS
mIRC before 6.35 allows attackers to cause a denial of service (crash) via a long nickname.
7.5CVSS
7.3AI Score
0.001EPSS
mIRC prior to 7.22 has a message leak because chopping of outbound messages is mishandled.
5.3CVSS
5.2AI Score
0.001EPSS
mIRC before 7.55 allows remote command execution by using argument injection through custom URI protocol handlers. The attacker can specify an irc:// URI that loads an arbitrary .ini file from a UNC share pathname. Exploitation depends on browser-specific URI handling (Chrome is not exploitable).
8.1CVSS
8AI Score
0.721EPSS