Unrated severityNVD Advisory· Published Mar 19, 2007· Updated Apr 23, 2026

CVE-2007-1503

Description

Multiple format string vulnerabilities in comm.c in Rhapsody IRC 0.28b allow remote attackers to execute arbitrary code via format string specifiers to the create_ctcp_message function using the message argument to the (1) me or (2) ctcp commands, and possibly related vectors involving the (3) whois, (4) mode, and (5) topic commands.

Affected products

Rhapsody Irc/Rhapsody Irc
cpe:2.3:a:rhapsody_irc:rhapsody_irc:0.28b:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

osvdb.org/35001nvd
securityreason.com/securityalert/2447nvd
www.securityfocus.com/archive/1/463092/100/0/threadednvd
www.securityfocus.com/bid/23011nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.002
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000