CVE-2008-2841

CVE Database · CVE-2008-2841

CVE-2008-2841

· N/AModified

CVSS v3.1

N/A

EPSS

15.38%

Published

Jun 24, 2008

Modified

Apr 22, 2026

Public PoC / Exploit (2)

All weaponized →

Exploit-DBXChat 2.8.7b - 'URI Handler' Remote Code Execution (Internet Explorer 6/7)TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Argument injection vulnerability in XChat 2.8.7b and earlier on Windows, when Internet Explorer is used, allows remote attackers to execute arbitrary commands via the --command parameter in an ircs:// URI.

Weaknesses (CWE)

CWE-94

Affected Products (3)

microsoft · windows_nt

microsoft · internet_explorervulnerable

xchat · xchatvulnerable

References (10)

http://forum.xchat.org/viewtopic.php?t=4218

http://secunia.com/advisories/30695

Vendor Advisory

http://www.securityfocus.com/bid/29696

https://exchange.xforce.ibmcloud.com/vulnerabilities/43065

https://www.exploit-db.com/exploits/5795