Vulnerabilities > CVE-2007-4399 - Unspecified vulnerability in Irssi 0.8.10Rc5
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL network
irssi
Summary
CRLF injection vulnerability in the xmms.bx 1.0 script for BitchX allows user-assisted remote attackers to execute arbitrary IRC commands via CRLF sequences in the name of the song in a .mp3 file.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
References
- http://lists.grok.org.uk/pipermail/full-disclosure/2007-August/065227.html
- http://osvdb.org/37481
- http://secunia.com/advisories/26489
- http://securityreason.com/securityalert/3036
- http://wouter.coekaerts.be/site/security/nowplaying
- http://www.securityfocus.com/archive/1/476283/100/0/threaded
- http://www.securityfocus.com/bid/25281
- https://exchange.xforce.ibmcloud.com/vulnerabilities/35985