Threat Encyclopedia

Security Vulnerability CVE-2019-6453 for mIRC

description-logoDescription

mIRC before 7.55 allows remote command execution by using argument injection through custom URI protocol handlers. The attacker can specify an irc:// URI that loads an arbitrary .ini file from a UNC share pathname. Exploitation depends on browser-specific URI handling (Chrome is not exploitable).

affected-products-logoAffected Products

mIRC

CVE References

CVE-2019-6453