Description
Heap-based buffer overflow in XChat 2.8.9 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long response string.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by Jane Doe · pythondoslinux
https://www.exploit-db.com/exploits/18159
References (5)
Core 5
Core References
Exploit vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/50820
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id?1027468
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://www.osvdb.org/77629
Exploit exploit
x_refsource_exploit-db
http://www.exploit-db.com/exploits/18159
Exploit x_refsource_misc
http://packetstormsecurity.org/files/107312/xchat-dos.txt
Scores
EPSS
0.3114
EPSS Percentile
96.8%
Details
CWE
CWE-119
Status
published
Products (47)
xchat/xchat
1.2.1
xchat/xchat
1.3.9
xchat/xchat
1.3.10
xchat/xchat
1.3.11
xchat/xchat
1.3.12
xchat/xchat
1.3.13
xchat/xchat
1.4
xchat/xchat
1.4.1
xchat/xchat
1.4.2
xchat/xchat
1.4.3
... and 37 more
Published
Aug 30, 2012
Tracked Since
Feb 18, 2026