CVE-2006-0489

Name of the Vulnerable Software and Affected Versions mIRC version 6.16

Description A buffer overflow issue in the font command of mIRC allows local users to execute arbitrary code via a long string. The vendor has disputed this issue, stating it is a local bug in mIRC and not a vulnerability. It is possible that this issue is only exploitable by the user of the application and does not cross privilege boundaries unless in a restrictive environment.

Recommendations For mIRC version 6.16, consider restricting the use of the font command to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.