Info

Disclosure

Dec 02, 2001

Discovery

Dec 02, 2001

Dates

Exploit

Unknown

Solution

Unknown

Description

mIRC contains a flaw that may allow a malicious user to gain access to unauthorized privileges. The issue is triggered when a user runs the program with DDE, which allows another user on the system to run code as the mIRC user. This flaw may lead to a loss of integrity.

Classification

Location: Local Access Required
Attack Type: Other
Impact: Loss of Integrity
Exploit: Exploit Unknown

Solution

Currently, there are no known upgrades, patches, or workarounds available to correct this issue.

Products

Khaled Mardam-Bey	mIRC	2.x
		3.x
		4.x
		5.x

References

CVE ID: 2001-0944 (see also: NVD)
ISS X-Force ID: 8292
Mail List Post: http://marc.theaimsgroup.com/?l=bugtraq&m=100734173831990&w=2
Vendor URL: http://www.mirc.com/index.html

Credit

Shustrik - rootshustrik.com -

Direct URL: http://osvdb.org/36218

Info

Disclosure

Discovery

Dates

Exploit

Solution

Description

Classification

Solution

Products

Khaled Mardam-Bey

mIRC

References

Credit