Xchat : Security Vulnerabilities, CVEs, (Code Execution)
Heap-based buffer overflow in Xchat-WDK before 1499-4 (2012-01-18) xchat 2.8.6 on Maemo architecture could allow remote attackers to cause a denial of service (xchat client crash) or execute arbitrary code via a UTF-8 line from server containing characters outside of the Basic Multilingual Plane (BMP).
Max CVSS
9.8
EPSS Score
1.97%
Published
2020-02-21
Updated
2020-03-05
Format string vulnerability in XChat 1.2.x allows remote attackers to execute arbitrary code via a malformed nickname.
Max CVSS
7.5
EPSS Score
1.11%
Published
2001-10-18
Updated
2017-10-10
Stack-based buffer overflow in the Socks-5 proxy code for XChat 1.8.0 to 2.0.8, with socks5 traversal enabled, allows remote attackers to execute arbitrary code.
Max CVSS
7.5
EPSS Score
18.93%
Published
2004-06-01
Updated
2017-10-11
Untrusted search path vulnerability in the Python module in xchat allows local users to execute arbitrary code via a Trojan horse Python file in the current working directory, related to a vulnerability in the PySys_SetArgv function (CVE-2008-5983).
Max CVSS
6.9
EPSS Score
0.04%
Published
2009-01-28
Updated
2009-03-06
Heap-based buffer overflow in XChat 2.8.9 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long response string.
Max CVSS
5.0
EPSS Score
81.05%
Published
2012-08-30
Updated
2013-02-14
5 vulnerabilities found