Regarding "UNC paths": it's only an example of an exploit vector, not the main problem.
What Fredrik wrote makes sense. Lack of a prompt on click can maybe solve the problem. But please remember that a ::ShellExecute scheme/link has the permissions of the parent DC++ process (Process Explorer on the screen in post #1), which may also be a security risk for DC++ users.

I think a good improvement is to create a scheme whitelist (http://, https://, dchub://).

Regards

--
https://bugs.launchpad.net/bugs/1502650

Title:
  DC++ 0.851 - Arbitrary code execution

Status in DC++:
  New

Bug description:
  Details and PoC: http://kacperrybczynski.com/research/dcpp_851_arbitrary_code_execution/

  By supplying an UNC path in the *.dcext plugin file or main/pm hub chat, a remote file will be automatically downloaded, which can result in arbitrary code execution.
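The scheme whitelist suggested in the message above could look like the following added sketch, which is not DC++ code and not part of the original post. The names `extractScheme` and `isLaunchableLink` are hypothetical, and the check is assumed to run on a clicked link before it is passed to ::ShellExecute.

```cpp
#include <cctype>
#include <string>

// Schemes proposed in the message; everything else is refused.
static const char* const kAllowedSchemes[] = {"http", "https", "dchub"};

// Hypothetical helper: returns the lowercased scheme when `link` begins with
// "<scheme>://", otherwise an empty string. Scheme grammar per RFC 3986:
// ALPHA *( ALPHA / DIGIT / "+" / "-" / "." ).
std::string extractScheme(const std::string& link) {
    const std::string::size_type pos = link.find("://");
    if (pos == std::string::npos || pos == 0) return "";
    std::string scheme;
    for (std::string::size_type i = 0; i < pos; ++i) {
        const unsigned char c = static_cast<unsigned char>(link[i]);
        const bool ok = std::isalpha(c) ||
            (i > 0 && (std::isdigit(c) || c == '+' || c == '-' || c == '.'));
        if (!ok) return "";
        scheme.push_back(static_cast<char>(std::tolower(c)));
    }
    return scheme;
}

// Hypothetical gate to call before handing a clicked link to ::ShellExecute.
bool isLaunchableLink(const std::string& link) {
    // Control characters and backslashes are refused anywhere in the link,
    // so UNC paths (\\host\share) and drive paths never reach the shell.
    for (std::string::size_type i = 0; i < link.size(); ++i) {
        const unsigned char c = static_cast<unsigned char>(link[i]);
        if (c < 0x20 || c == 0x7f || c == '\\') return false;
    }
    const std::string scheme = extractScheme(link);
    for (const char* allowed : kAllowedSchemes) {
        if (scheme == allowed) return true;
    }
    return false;
}
```

Anything that does not parse as an allowed `scheme://` link is refused by default, so forward-slash UNC forms and `file://` links fail the same way as backslash paths.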