This site is deprecated. Please
CLICK HERE for latest updates
Short Name |
HTTP:MIRC-URI-HANDLER-RCE
|
Severity |
Major
|
Recommended |
Yes
|
Recommended Action |
Drop
|
Category |
HTTP
|
Keywords |
mIRC URI Handler Remote Code Execution
|
Release Date |
2019/06/03
|
Update Number |
3177
|
Supported Platforms |
idp-4.0+, isg-3.1.134269+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+
|
HTTP: mIRC URI Handler Remote Code Execution
This signature detects attempts to exploit a known vulnerability against mIRC URI handler. A successful attack can lead to arbitrary code execution.
Extended Description
mIRC before 7.55 allows remote command execution by using argument injection through custom URI protocol handlers. The attacker can specify an irc:// URI that loads an arbitrary .ini file from a UNC share pathname. Exploitation depends on browser-specific URI handling (Chrome is not exploitable).
Affected Products
- Mirc mirc 4.52
- Mirc mirc 4.6
- Mirc mirc 4.7
- Mirc mirc 4.72
- Mirc mirc 5.0
- Mirc mirc 5.02
- Mirc mirc 5.1
- Mirc mirc 5.11
- Mirc mirc 5.3
- Mirc mirc 5.31
- Mirc mirc 5.4
- Mirc mirc 5.41
- Mirc mirc 5.5
- Mirc mirc 5.51
- Mirc mirc 5.61
- Mirc mirc 5.7
- Mirc mirc 5.71
- Mirc mirc 5.8
- Mirc mirc 5.81
- Mirc mirc 5.82
- Mirc mirc 5.9
- Mirc mirc 5.91
- Mirc mirc 6.0
- Mirc mirc 6.1
- Mirc mirc 6.11
- Mirc mirc 6.12
- Mirc mirc 6.14
- Mirc mirc 6.15
- Mirc mirc 6.17
- Mirc mirc 6.2
- Mirc mirc 6.21
- Mirc mirc 6.3
- Mirc mirc 6.31
- Mirc mirc 6.32
- Mirc mirc 6.33
- Mirc mirc 6.34
- Mirc mirc 6.35
- Mirc mirc 7.1
- Mirc mirc 7.14
- Mirc mirc 7.15
- Mirc mirc 7.17
- Mirc mirc 7.19
- Mirc mirc 7.22
- Mirc mirc 7.25
- Mirc mirc 7.27
- Mirc mirc 7.29
- Mirc mirc 7.32
- Mirc mirc 7.34
- Mirc mirc 7.36
- Mirc mirc 7.38
- Mirc mirc 7.41
- Mirc mirc 7.42
- Mirc mirc 7.43
- Mirc mirc 7.44
- Mirc mirc 7.45
- Mirc mirc 7.46
- Mirc mirc 7.47
- Mirc mirc 7.48
- Mirc mirc 7.49
- Mirc mirc 7.51
- Mirc mirc 7.52
- Mirc mirc 7.53
- Mirc mirc 7.54
References