Vulnerability Database

289,784

Total vulnerabilities in the database

CVE-2007-4396

Multiple CRLF injection vulnerabilities in (1) ixmmsa.pl 0.3, (2) l33tmusic.pl 2.00, (3) mpg123.pl 0.01, (4) ogg123.pl 0.01, (5) xmms.pl 2.0, (6) xmms2.pl 1.1.3, and (7) xmmsinfo.pl 1.1.1.1 scripts for irssi before 0.8.11 allow user-assisted remote attackers to execute arbitrary IRC commands via CRLF sequences in the name of the song in a .mp3 file.

  • Published: Aug 18, 2007
  • Updated: Apr 13, 2023
  • CVE: CVE-2007-4396
  • Severity: High
  • Exploit:

CVSS v2:

  • Severity: High
  • Score: 9.3
  • AV:N/AC:M/Au:N/C:C/I:C/A:C

No CWE or OWASP classifications available.

Software From Fixed in
irssi / irssi - 0.8.9.x