CVE-2009-20007

Awaiting Analysis
Published: 16 Sept 2025, 15:15
Last modified:17 Sept 2025, 14:18

Vulnerability Summary

Overall Risk
High Risk
60/100
CVSS Score
9.3 CRITICAL
v4.0
EPSS Score
63.65% CRITICAL
98%ile 0.00%
CISA KEV
Not listed
Ransomware
No reports
Exploits
1 found
Dark Web
Not detected
Tags:
Talkative IRC v0.4.4.16 is vulnerable to a stack-based buffer overflow when processing specially crafted response strings sent to a connected client. An attacker can exploit this flaw by sending an overly long message that overflows a fixed-length buffer, potentially leading to arbitrary code execution in the context of the vulnerable process. This vulnerability is exploitable remotely and does not require authentication.
Source Identifier: disclosure@vulncheck.com
CVSSSourceSeverityExploitabilityImpactVector
v4.0 disclosure@vulncheck.com9.3 CRITICALNANA
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/V...
v3.1n/a
v3.0n/a
v2.0n/a
63.65%
Current Score
0.00%
98%ile
Percentile Rank
0.00%
Loading chart...
Loading chart...
Stack-based Buffer Overflow CWE-121
Description:A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function).

Not listed in CISA Known Exploited Vulnerabilities catalog.

No dark web activity detected for this vulnerability.

metasploit
Windows
exploitVerified
Author: MC <mc@metasploit.com>
Published: 17 Mar 2009, 00:00
Updated: 06 Oct 2025, 17:15
This module exploits a stack buffer overflow in Talkative IRC v0.4.4.16. When a specially crafted response string is sent to a client, an attacker may be able to execute arbitrary code.
CVE-2009-20007OSVDB-64582BID-34141EDB-8227

No affected systems information available.

© 2025 CveMate. All rights reserved.v0.1.3