Vulnerabilities > CVE-2000-0787 - Unspecified vulnerability in Xchat

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

low complexity

xchat

exploit available

NVD

Published: 2000-10-20

Updated: 2008-09-10

Summary

IRC Xchat client versions 1.4.2 and earlier allows remote attackers to execute arbitrary commands by encoding shell metacharacters into a URL which XChat uses to launch a web browser.

Vulnerable Configurations

Part	Description	Count
Application	Xchat Xchat Xchat 1.2.1 Xchat Xchat 1.3.9 Xchat Xchat 1.3.10 Xchat Xchat 1.3.11 Xchat Xchat 1.3.12 Xchat Xchat 1.3.13 Xchat Xchat 1.4 Xchat Xchat 1.4.1 Xchat Xchat 1.4.2 Xchat Xchat 1.5.6 Xchat Xchat 1.5.Xdev	11

Exploit-Db

description	X-Chat 1.2/1.3/1.4/1.5 Command Execution Via URLs Vulnerability. CVE-2000-0787 . Remote exploit for linux platform
id	EDB-ID:20161
last seen	2016-02-02
modified	2000-08-17
published	2000-08-17
reporter	zenith parsec
source	https://www.exploit-db.com/download/20161/
title	X-Chat 1.2/1.3/1.4/1.5 Command Execution Via URLs Vulnerability

Redhat

advisories

rhsa

id	RHSA-2000:055

Summary

Vulnerable Configurations

Exploit-Db

Redhat

References