CVE-2000-0787
published 2000-10-20CVE-2000-0787: IRC Xchat client versions 1.4.2 and earlier allows remote attackers to execute arbitrary commands by encoding shell metacharacters into a URL which XChat uses…
PriorityP336high7.5CVSS 2.0
AVNACLAuNCPIPAP
EXPLOIT
EPSS
9.21%
94.7th percentile
IRC Xchat client versions 1.4.2 and earlier allows remote attackers to execute arbitrary commands by encoding shell metacharacters into a URL which XChat uses to launch a web browser.
Affected
11 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| xchat | xchat | — | — |
| xchat | xchat | — | — |
| xchat | xchat | — | — |
| xchat | xchat | — | — |
| xchat | xchat | — | — |
| xchat | xchat | — | — |
| xchat | xchat | — | — |
| xchat | xchat | — | — |
| xchat | xchat | — | — |
| xchat | xchat | — | — |
| xchat | xchat | — | — |
CVSS provenance
nvdv2.07.5HIGHAV:N/AC:L/Au:N/C:P/I:P/A:P
vendor_redhat7.5HIGH
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-9wr3-8fv2-9fcj: IRC Xchat client versions 1
ghsa_unreviewed·2022-04-30
CVE-2000-0787 [HIGH] GHSA-9wr3-8fv2-9fcj: IRC Xchat client versions 1
IRC Xchat client versions 1.4.2 and earlier allows remote attackers to execute arbitrary commands by encoding shell metacharacters into a URL which XChat uses to launch a web browser.
Red Hat
security flaw
vendor_redhat·2000-08-17·CVSS 7.5
CVE-2000-0787 [HIGH] security flaw
security flaw
IRC Xchat client versions 1.4.2 and earlier allows remote attackers to execute arbitrary commands by encoding shell metacharacters into a URL which XChat uses to launch a web browser.
Statement: This issue was fixed in the following product:
- Red Hat Linux 6.2 - RHSA-2000:055 (2000-08-22)
No detection rules found.
http://archives.neohapsis.com/archives/bugtraq/2000-08/0215.htmlhttp://archives.neohapsis.com/archives/bugtraq/2000-08/0301.htmlhttp://archives.neohapsis.com/archives/bugtraq/2000-08/0305.htmlhttp://www.redhat.com/support/errata/RHSA-2000-055.htmlhttp://www.securityfocus.com/bid/1601http://archives.neohapsis.com/archives/bugtraq/2000-08/0215.htmlhttp://archives.neohapsis.com/archives/bugtraq/2000-08/0301.htmlhttp://archives.neohapsis.com/archives/bugtraq/2000-08/0305.htmlhttp://www.redhat.com/support/errata/RHSA-2000-055.htmlhttp://www.securityfocus.com/bid/1601
2000-10-20
Published