CVE-2008-2841

Microsoft Internet Explorer < 2.8.7b - Code Injection

Title source: rule

Exploitation Summary

EIP tracks 1 public exploit for CVE-2008-2841. PoCs published by securfrog.

AI-analyzed exploit summary This exploit leverages a URI handler vulnerability in Xchat <= 2.8.7b on Windows by injecting a command via a malformed IRCS:// URI. The PoC uses a quote character to break out of the URL parameter and append a --command argument to execute arbitrary commands (e.g., launching calc.exe).

Description

Argument injection vulnerability in XChat 2.8.7b and earlier on Windows, when Internet Explorer is used, allows remote attackers to execute arbitrary commands via the --command parameter in an ircs:// URI.

Exploits (1)

exploitdb WORKING POC VERIFIED

by securfrog · htmlremotewindows

https://www.exploit-db.com/exploits/5795

View Code ZIP pw:eip

This exploit leverages a URI handler vulnerability in Xchat <= 2.8.7b on Windows by injecting a command via a malformed IRCS:// URI. The PoC uses a quote character to break out of the URL parameter and append a --command argument to execute arbitrary commands (e.g., launching calc.exe).

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Trivial

Reliability

Reliable

Target: Xchat <= 2.8.7b

No auth needed

Prerequisites: Victim must be using Windows with Xchat installed · Victim must be connected to an IRC server · Victim must be using Internet Explorer

MITRE ATT&CK