CVE-2002-2155

critical

Description

Format string vulnerability in the error handling of IRC invite responses for Trillian 0.725 and 0.73 allows remote IRC servers to execute arbitrary code via an invite to a channel with format string specifiers in the name.

References

http://www.securityfocus.com/bid/5388

http://www.securityfocus.com/archive/1/285695

http://www.iss.net/security_center/static/9761.php

Details

Source: Mitre, NVD

Published: 2002-12-31

Updated: 2008-09-05

Risk Information

CVSS v2

Base Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Severity: High

CVSS v3

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Severity: Critical

Detections

Analytics