mIRC unfiltered shell characters vulnerability

2007-10-04T00:00:00
ID SECURITYVULNS:VULN:8207
Type securityvulns
Reporter BUGTRAQ
Modified 2007-10-04T00:00:00

Description

Shell characters are not filtered on invoking external URL handler, making it's possible to use URLs like mailto:%xx../../../../../../../../../../../windows/system32/calc.exe".bat