Allele Security Alert
ASA-2019-00087
Identifier(s)
ASA-2019-00087, CVE-2019-6453
Title
Remote code execution using argument injection through custom URI protocol handlers
Vendor(s)
mIRC Co. Ltd
Product(s)
mIRC
Affected version(s)
mIRC version 7.55 and earlier
Fixed version(s)
mIRC version 7.55
Proof of concept
Yes
Description
mIRC is vulnerable to argument injection through its associated URI protocol handlers, which improperly escape their parameters. Using the available command-line parameters, an attacker can load a remote configuration file and automatically run arbitrary code.
Technical details
Unknown
Credits
Baptiste Devigne (Geluchat) and Benjamin Chetioui (Siben)
Reference(s)
CVE-2019-6453: RCE on mIRC <7.55 using argument injection through custom URI protocol handlers
https://proofofcalc.com/cve-2019-6453-mIRC/
mIRC: Latest news
https://www.mirc.com/news.html
Proof of calc for CVE-2019-6453
https://github.com/proofofcalc/cve-2019-6453-poc
RCE through URI protocol handlers on mIRC <7.55 (CVE-2019-6453)
https://proofofcalc.com/advisories/20190218.txt
CVE-2019-6453
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6453
CVE-2019-6453
https://nvd.nist.gov/vuln/detail/CVE-2019-6453
If there is any error in this alert or you would like a comprehensive analysis, let us know.
Last modified: July 23, 2019