Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2010-3438

Опубликовано: 12 нояб. 2019
Источник: nvd
CVSS3: 9.8
CVSS2: 7.5
EPSS Низкий

Описание

libpoe-component-irc-perl before v6.32 does not remove carriage returns and line feeds. This can be used to execute arbitrary IRC commands by passing an argument such as "some text\rQUIT" to the 'privmsg' handler, which would cause the client to disconnect from the server.

Ссылки

Уязвимые конфигурации

Конфигурация 1
cpe:2.3:a:libpoe-component-irc-perl_project:libpoe-component-irc-perl:*:*:*:*:*:*:*:*
Версия до 6.32 (исключая)
Конфигурация 2

Одно из

cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
Конфигурация 3

Одно из

cpe:2.3:o:fedoraproject:fedora:12:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:13:*:*:*:*:*:*:*

EPSS

Процентиль: 66%
0.00527
Низкий

9.8 Critical

CVSS3

7.5 High

CVSS2

Дефекты

CWE-134

Связанные уязвимости

ubuntu логотип

CVE-2010-3438

CVSS3: 9.8
ubuntu
около 6 лет назад

libpoe-component-irc-perl before v6.32 does not remove carriage returns and line feeds. This can be used to execute arbitrary IRC commands by passing an argument such as "some text\rQUIT" to the 'privmsg' handler, which would cause the client to disconnect from the server.

debian логотип

CVE-2010-3438

CVSS3: 9.8
debian
около 6 лет назад

libpoe-component-irc-perl before v6.32 does not remove carriage return ...

github логотип

GHSA-vqr8-85pj-78rw

github
больше 3 лет назад

libpoe-component-irc-perl before v6.32 does not remove carriage returns and line feeds. This can be used to execute arbitrary IRC commands by passing an argument such as "some text\rQUIT" to the 'privmsg' handler, which would cause the client to disconnect from the server.

EPSS

Процентиль: 66%
0.00527
Низкий

9.8 Critical

CVSS3

7.5 High

CVSS2

Дефекты

CWE-134