Re: XChat 2.8.4-1 - Multiple Vulnerabilities

[fabio <ctrlaltca () libero it>]

1) Password disclosure
What priviledges on the system do you need to read that process memory? 
With such priviledges, why don't you read the data directly from the 
config file?
2) Local Dos
Is the build unoficial/unsupported from the XChat team? Does the same 
bug exists in the official builds?
You talk about a local dos.. how can a user access the tray icon of 
another user to trigger the crash?

Please explain

CtrlAltCa