Mirc 7.41 hack3/16/2023 ![]() ![]() Because mIRC doesn't use any kind of sigil such as - to mark the end of the argument list, an attacker is able to pass arguments to mIRC through links opened by the program.” The researchers explained their analysis stating, “.we decided to make a list of all the custom URI schemes available in our registries, filtering the properly sanitized ones, and we stumbled upon the mIRC schemes (irc:, ircs: and mircurl:), that were associated with the following command: 'C:\Program Files (x86)\mIRC\mirc.exe' %1. These schemes were not sanitized properly, allowing other parameters to take over the schemes. Custom URIs used in these applications were found to lead to multiple vulnerabilities.Īccording to the researchers, older versions of the application, prior to the latest 7.55, had three URI schemes 'irc:', 'ircs:', and 'mircurl:' that led to the flaw. Security researchers Baptiste Devigne and Benjamin Chetioui identified this flaw when they were analyzing certain applications based on the Electron framework. MIRC, a well-known IRC chat application for Windows was discovered to have a serious security vulnerability that allows attackers to remotely execute arbitrary code. mIRC versions older than 7.55 are affected by this remote code execution flaw. ![]() The Internet Relay Chat (IRC) application for Windows was found to have a vulnerability in its custom Uniform Resource Identifier(URI) schemes. ![]()
0 Comments
Leave a Reply.AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |