Kvirc
Products
2- 6 CVEs
- 2 CVEs
Recent CVEs
7| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2010-2785 | 0.04 | — | 0.08 | Aug 2, 2010 | The IRC Protocol component in KVIrc 3.x and 4.x before r4693 does not properly handle \ (backslash) characters, which allows remote authenticated users to execute arbitrary CTCP commands via vectors involving \r and \40 sequences, a different vulnerability than CVE-2010-2451 and… | |||
| CVE-2008-4748 | 0.04 | — | 0.08 | Oct 27, 2008 | Format string vulnerability in the URI handler in KVirc 3.4.0, when set as the default application for processing IRC URIs, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via format string specifiers in the irc:// URI. | |||
| CVE-2008-7070 | 0.03 | — | 0.05 | Aug 25, 2009 | Argument injection vulnerability in the URI handler in KVIrc 3.4.2 Shiny allows remote attackers to execute arbitrary commands via a " (quote) followed by command line switches in a (1) irc:///, (2) irc6:///, (3) ircs:///, or (4) and ircs6:/// URI. NOTE: this might be due to an… | |||
| CVE-2010-2452 | 0.00 | — | 0.04 | Jun 29, 2010 | Directory traversal vulnerability in the DCC functionality in KVIrc 3.4 and 4.0 allows remote attackers to overwrite arbitrary files via unknown vectors. | |||
| CVE-2010-2451 | 0.00 | — | 0.03 | Jun 29, 2010 | Multiple format string vulnerabilities in the DCC functionality in KVIrc 3.4 and 4.0 have unspecified impact and remote attack vectors. | |||
| CVE-2007-2951 | 0.00 | — | 0.03 | Jun 26, 2007 | The parseIrcUrl function in src/kvirc/kernel/kvi_ircurl.cpp in KVIrc 3.2.0 allows user-assisted remote attackers to execute arbitrary commands via shell metacharacters in an (1) irc:// or (2) irc6:// URI. | |||
| CVE-1999-1351 | 0.00 | — | 0.02 | Sep 24, 1999 | Directory traversal vulnerability in KVIrc IRC client 0.9.0 with the "Listen to !nick requests" option enabled allows remote attackers to read arbitrary files via a .. (dot dot) in a DCC GET request. |
- CVE-2010-2785Aug 2, 2010risk 0.04cvss —epss 0.08
The IRC Protocol component in KVIrc 3.x and 4.x before r4693 does not properly handle \ (backslash) characters, which allows remote authenticated users to execute arbitrary CTCP commands via vectors involving \r and \40 sequences, a different vulnerability than CVE-2010-2451 and…
- CVE-2008-4748Oct 27, 2008risk 0.04cvss —epss 0.08
Format string vulnerability in the URI handler in KVirc 3.4.0, when set as the default application for processing IRC URIs, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via format string specifiers in the irc:// URI.
- CVE-2008-7070Aug 25, 2009risk 0.03cvss —epss 0.05
Argument injection vulnerability in the URI handler in KVIrc 3.4.2 Shiny allows remote attackers to execute arbitrary commands via a " (quote) followed by command line switches in a (1) irc:///, (2) irc6:///, (3) ircs:///, or (4) and ircs6:/// URI. NOTE: this might be due to an…
- CVE-2010-2452Jun 29, 2010risk 0.00cvss —epss 0.04
Directory traversal vulnerability in the DCC functionality in KVIrc 3.4 and 4.0 allows remote attackers to overwrite arbitrary files via unknown vectors.
- CVE-2010-2451Jun 29, 2010risk 0.00cvss —epss 0.03
Multiple format string vulnerabilities in the DCC functionality in KVIrc 3.4 and 4.0 have unspecified impact and remote attack vectors.
- CVE-2007-2951Jun 26, 2007risk 0.00cvss —epss 0.03
The parseIrcUrl function in src/kvirc/kernel/kvi_ircurl.cpp in KVIrc 3.2.0 allows user-assisted remote attackers to execute arbitrary commands via shell metacharacters in an (1) irc:// or (2) irc6:// URI.
- CVE-1999-1351Sep 24, 1999risk 0.00cvss —epss 0.02
Directory traversal vulnerability in KVIrc IRC client 0.9.0 with the "Listen to !nick requests" option enabled allows remote attackers to read arbitrary files via a .. (dot dot) in a DCC GET request.