[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: XChat 2.8.4-1 - Multiple Vulnerabilities

1) Password disclosure
What priviledges on the system do you need to read that process memory? With such priviledges, why don't you read the data directly from the config file?
2) Local Dos
Is the build unoficial/unsupported from the XChat team? Does the same bug exists in the official builds? You talk about a local dos.. how can a user access the tray icon of another user to trigger the crash?

Please explain