CVE-2009-20007

CRITICAL

Talkative IRC v0.4.4.16 - Buffer Overflow

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 3 public exploits for CVE-2009-20007. PoCs published by Metasploit, LiquidWorm, MC, including Metasploit module exploits/windows/misc/talkative_response.

AI-analyzed exploit summary This Metasploit module exploits a stack buffer overflow in Talkative IRC v0.4.4.16 by sending a crafted response string to a client, allowing arbitrary code execution. The exploit uses a TCP server to deliver the payload and leverages a known return address for Windows XP SP3 English.

Description

Talkative IRC v0.4.4.16 is vulnerable to a stack-based buffer overflow when processing specially crafted response strings sent to a connected client. An attacker can exploit this flaw by sending an overly long message that overflows a fixed-length buffer, potentially leading to arbitrary code execution in the context of the vulnerable process. This vulnerability is exploitable remotely and does not require authentication.

Exploits (3)

exploitdb WORKING POC VERIFIED
by Metasploit · rubyremotewindows
https://www.exploit-db.com/exploits/16459

This Metasploit module exploits a stack buffer overflow in Talkative IRC v0.4.4.16 by sending a crafted response string to a client, allowing arbitrary code execution. The exploit uses a TCP server to deliver the payload and leverages a known return address for Windows XP SP3 English.

Classification
Working Poc 100%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: Talkative IRC v0.4.4.16
No auth needed
Prerequisites: Network access to the target IRC client · Target must be running Talkative IRC v0.4.4.16
devstral-2 · analyzed Feb 18, 2026 Full analysis →
exploitdb WORKING POC VERIFIED
by LiquidWorm · perlremotewindows
https://www.exploit-db.com/exploits/8227

This Perl script exploits a stack-based buffer overflow in Talkative IRC 0.4.4.16 by sending a crafted PRIVMSG to overwrite SEH and EIP, leading to arbitrary code execution via a bind shell on port 6161.

Classification
Working Poc 100%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: Talkative IRC 0.4.4.16
No auth needed
Prerequisites: Network access to the target IRC client · Target must connect to the malicious IRC server
devstral-2 · analyzed Feb 18, 2026 Full analysis →
metasploit WORKING POC NORMAL
by MC · rubypocwin
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/misc/talkative_response.rb

This Metasploit module exploits a stack buffer overflow in Talkative IRC v0.4.4.16 by sending a crafted response string to a client, allowing arbitrary code execution. The exploit uses a TCP server to deliver the payload, leveraging a known return address for Windows XP SP3 English.

Classification
Working Poc 100%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: Talkative IRC v0.4.4.16
No auth needed
Prerequisites: Network access to the target IRC client · Target running Talkative IRC v0.4.4.16
devstral-2 · analyzed Feb 19, 2026 Full analysis →

References (6)

Core 6

Scores

CVSS v4 9.3
EPSS 0.0168
EPSS Percentile 73.9%
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

CISA SSVC

Vulnrichment
Exploitation poc
Automatable yes
Technical Impact total

Details

CWE
CWE-121
Status published
Products (1)
Talkative/Talkative IRC < 0.4.4.16
Published Sep 16, 2025
Tracked Since Feb 18, 2026