Re: Buffer overflow in mIRC allowing arbitary code to be executed.

From: Kevin Day (toastyat_private)
Date: Mon Feb 04 2002 - 17:18:23 PST

Next message: skylinedat_private: "squirrelmail: squirrelspell plugin check_me.mod.php bug"

Previous message: David Litchfield: "Re: Script for find domino's users"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

> 
> General Info
> ------------
> Researched by: James Martin
> Full advisory: http://www.uuuppz.com/research/adv-001-mirc.htm
> Exploit: Proof of concept code available at above URL.
> 
> Product: mIRC
> Website: http://www.mirc.com
> Version: 5.91 and all prior versions (to be best of my knowledge).
> Fix: A patch will be available soon from offical mIRC sites.
>      Please do not download from unofficial sites, as you may download
>      a trojaned version.
> 
> Type: Buffer Overrun
> Risk: High
> 

mIRC 6.0 was released on Sunday, which corrects this issue.

-- Kevin Day

Next message: skylinedat_private: "squirrelmail: squirrelspell plugin check_me.mod.php bug"
Previous message: David Litchfield: "Re: Script for find domino's users"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Tue Feb 05 2002 - 08:32:00 PST