PT-2019-6560 · Perl · Libpoe-Component-Irc-Perl

Vincent Danen · Published 2019-11-12 · Updated 2019-11-15 · CVE-2010-3438

CVSS v3.1: 9.8 (Critical)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: libpoe-component-irc-perl versions prior to 6.32

Description: The issue allows execution of arbitrary IRC commands by passing a specially crafted argument to the 'privmsg' handler, potentially causing the client to disconnect from the server. Because the IRC protocol treats carriage return and line feed as the end of a command, an argument that contains them, such as "some text\rQUIT", is sent to the server as two separate commands.

Recommendations: For versions prior to 6.32, remove or properly handle carriage returns and line feeds in arguments passed to the 'privmsg' handler so that a single call can never produce more than one IRC command. As a temporary workaround, restrict the use of the 'privmsg' handler until a proper fix is applied.
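The line splitting described above, and the filtering the recommendation calls for, as an added Perl example; this is not code from POE::Component::IRC, and the function names and the `#chan` target are assumptions:

```perl
#!/usr/bin/perl
use strict;
use warnings;

# Builds the raw PRIVMSG line with no filtering. This reproduces the
# flaw in the description: a CR or LF inside $text ends the PRIVMSG
# early, and whatever follows is sent to the server as its own command.
sub build_privmsg_unsafe {
    my ($target, $text) = @_;
    return "PRIVMSG $target :$text\r\n";
}

# Hardened variant (assumed fix, not the module's own): collapse every
# run of CR/LF in the argument to a single space, so the result is
# always exactly one protocol line. Rejecting the input outright is
# the stricter alternative.
sub build_privmsg_safe {
    my ($target, $text) = @_;
    $text   =~ s/[\r\n]+/ /g;
    $target =~ s/[\r\n]//g;   # the target can come from the same source
    return "PRIVMSG $target :$text\r\n";
}

# Counts the protocol lines a buffer really contains. IRC servers
# terminate commands on CR and LF, not only on the "\r\n" pair, so the
# split has to honour each of them.
sub count_irc_lines {
    my ($buf) = @_;
    my @lines = grep { length } split /\r\n|\r|\n/, $buf;
    return scalar @lines;
}

# Constructed sample argument in the shape the description gives.
my $payload = "some text\rQUIT";

my $unsafe = build_privmsg_unsafe('#chan', $payload);
my $safe   = build_privmsg_safe('#chan', $payload);

printf "unsafe: %d command(s)\n", count_irc_lines($unsafe);   # 2
printf "safe:   %d command(s)\n", count_irc_lines($safe);     # 1
```

The unsafe builder yields "PRIVMSG #chan :some text" followed by a separate "QUIT", which is the disconnect the description warns about; the safe builder yields one PRIVMSG carrying the literal text.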

Fix

Use of Externally-Controlled Format String


Weakness Enumeration

Related Identifiers

CVE-2010-3438

Affected Products

Libpoe-Component-Irc-Perl