Back to search
CVE-2010-3438
Published: Nov 12, 2019
Modified: Aug 7, 2024
PUBLISHED
Description
libpoe-component-irc-perl before v6.32 does not remove carriage returns and line feeds. This can be used to execute arbitrary IRC commands by passing an argument such as "some text\rQUIT" to the 'privmsg' handler, which would cause the client to disconnect from the server.
| Vendor | Product | Versions |
|---|---|---|
libpoe-component-irc-perl | libpoe-component-irc-perl | affected before v6.32 |
References
https://security-tracker.debian.org/tracker/CVE-2010-3438
x_refsource_MISC
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-3438
x_refsource_MISC
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=581194
x_refsource_MISC
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now