CVE-2007-1502 - Multiple buffer overflows in Rhapsody IRC 0.28b allow remote attackers to execute arbitrary code via

CVE-2007-1502

Summary

Multiple buffer overflows in Rhapsody IRC 0.28b allow remote attackers to execute arbitrary code via a (1) long command, (2) long server argument to the (a) connect or (b) server commands, (3) long nick argument to the (c) nick command, or a long (4) nick or (5) message argument to the (d) ctcp, (e) chat, (f) notice, (g) message (msg), or (h) query commands.

References

Vulnerable Configurations

cpe:2.3:a:rhapsody_irc:rhapsody_irc:0.28b:*:*:*:*:*:*:*
cpe:2.3:a:rhapsody_irc:rhapsody_irc:0.28b:*:*:*:*:*:*:*

CVSS

Base:	6.8 (as of 16-10-2018 - 16:38)
Impact:
Exploitability:

CWE

NVD-CWE-Other

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	MEDIUM	NONE

Impact

Confidentiality	Integrity	Availability
PARTIAL	PARTIAL	PARTIAL

cvss-vector via4

AV:N/AC:M/Au:N/C:P/I:P/A:P

refmap via4

bid	23011
bugtraq	20070317 Rhapsody IRC 0.28b (NICK) Multiple fs and bof vulnerability
osvdb	35002 35003 35004
sreason	2447

Last major update

16-10-2018 - 16:38

Published

19-03-2007 - 22:19

Last modified

16-10-2018 - 16:38