IRC Xchat client versions 1.4.2 and earlier allows remote attackers to execute arbitrary commands by encoding shell metacharacters into a URL which XChat uses to launch a web browser.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| xchat | xchat | 1.3.9 |
| xchat | xchat | 1.4 |
| xchat | xchat | 1.2.1 |
| xchat | xchat | 1.3.10 |
| xchat | xchat | 1.4.1 |
| xchat | xchat | 1.5.xdev |
| xchat | xchat | 1.5.6 |
| xchat | xchat | 1.3.12 |
| xchat | xchat | 1.3.13 |
| xchat | xchat | 1.3.11 |
| xchat | xchat | 1.4.2 |
Format string vulnerability in XChat 1.2.x allows remote attackers to execute arbitrary code via a malformed nickname.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| xchat | xchat | 1.2.x |
XChat 1.8.7 and earlier, including default configurations of 1.4.2 and 1.4.3, allows remote attackers to execute arbitrary IRC commands as other clients via encoded characters in a PRIVMSG command that calls CTCP PING, which expands the characters in the client response when the percascii variable is set.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| xchat | xchat | 1.4.3 |
| xchat | xchat | 1.4.2 |
XChat IRC client allows remote attackers to execute arbitrary commands via a /dns command on a host whose DNS reverse lookup contains shell metacharacters.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| xchat | xchat | * |
xchat 2.0.6 allows remote attackers to cause a denial of service (crash) via a passive DCC request with an invalid ID number, which causes a null dereference.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 3.9 | 3.6 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-476,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| xchat | xchat | 2.0.6 |
Stack-based buffer overflow in the Socks-5 proxy code for XChat 1.8.0 to 2.0.8, with socks5 traversal enabled, allows remote attackers to execute arbitrary code.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| xchat | xchat | 1.9.9 |
| xchat | xchat | 1.8.7 |
| xchat | xchat | 1.9.4 |
| xchat | xchat | 1.9.2 |
| xchat | xchat | 1.9.6 |
| xchat | xchat | 1.8.5 |
| xchat | xchat | 1.9.1 |
| xchat | xchat | 2.0.1 |
| xchat | xchat | 2.0.5 |
| xchat | xchat | 1.8.2 |
| xchat | xchat | 1.9.0 |
| xchat | xchat | 2.0.6 |
| xchat | xchat | 1.8.4 |
| xchat | xchat | 2.0.3 |
| xchat | xchat | 2.0.7 |
| xchat | xchat | 2.0.8 |
| xchat | xchat | 2.0.2 |
| xchat | xchat | 1.9.8 |
| xchat | xchat | 1.8.9 |
| xchat | xchat | 2.0.4 |
| xchat | xchat | 1.8.6 |
| xchat | xchat | 1.8.1 |
| xchat | xchat | 1.9.5 |
| xchat | xchat | 2.0.0 |
| xchat | xchat | 1.9.3 |
| xchat | xchat | 1.8.8 |
| xchat | xchat | 1.8.3 |
| xchat | xchat | 1.9.7 |
| xchat | xchat | 1.8.0 |
Unspecified vulnerability in Xchat 2.6.7 and earlier allows remote attackers to cause a denial of service (crash) via unspecified vectors involving the PRIVMSG command. NOTE: the vendor has disputed this vulnerability, stating that it does not affect 2.6.7 "or any recent version"
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| xchat | xchat | * |
The ssl_do_connect function in common/server.c in HexChat before 2.10.2, XChat, and XChat-GNOME does not verify that the server hostname matches a domain name in the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-310,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hexchat_project | hexchat | * |
| canonical | ubuntu_linux | 15.10 |
| xchat | xchat | - |
| canonical | ubuntu_linux | 14.04 |
| xchat | xchat_gnome | - |
| canonical | ubuntu_linux | 12.04 |