Search

Find a vulnerability

Search criteria

    10 vulnerabilities found for kvirc by kvirc

    CVE-2010-2785 (GCVE-0-2010-2785)

    Vulnerability from nvd – Published: 2010-08-02 19:00 – Updated: 2024-08-07 02:46
    VLAI
    Summary
    The IRC Protocol component in KVIrc 3.x and 4.x before r4693 does not properly handle \ (backslash) characters, which allows remote authenticated users to execute arbitrary CTCP commands via vectors involving \r and \40 sequences, a different vulnerability than CVE-2010-2451 and CVE-2010-2452.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://bugs.gentoo.org/show_bug.cgi?id=330111 x_refsource_CONFIRM
    http://lists.fedoraproject.org/pipermail/package-… vendor-advisoryx_refsource_FEDORA
    http://secunia.com/advisories/40796 third-party-advisoryx_refsource_SECUNIA
    http://www.osvdb.org/66648 vdb-entryx_refsource_OSVDB
    https://svn.kvirc.de/kvirc/changeset/4693 x_refsource_CONFIRM
    http://marc.info/?l=oss-security&m=128041011428629&w=2 mailing-listx_refsource_MLIST
    http://lists.opensuse.org/opensuse-security-annou… vendor-advisoryx_refsource_SUSE
    http://openwall.com/lists/oss-security/2010/07/28/1 mailing-listx_refsource_MLIST
    http://secunia.com/advisories/40727 third-party-advisoryx_refsource_SECUNIA
    https://svn.kvirc.de/kvirc/ticket/858 x_refsource_CONFIRM
    http://lists.fedoraproject.org/pipermail/package-… vendor-advisoryx_refsource_FEDORA
    Date Public
    2010-07-28 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T02:46:48.031Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://bugs.gentoo.org/show_bug.cgi?id=330111"
              },
              {
                "name": "FEDORA-2010-11524",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-July/044643.html"
              },
              {
                "name": "40796",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/40796"
              },
              {
                "name": "66648",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/66648"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://svn.kvirc.de/kvirc/changeset/4693"
              },
              {
                "name": "[oss-security] 20100729 Re: CVE Request -- KVIrc -- Remote CTCP commands execution via specially-crafted CTCP parameter",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=oss-security\u0026m=128041011428629\u0026w=2"
              },
              {
                "name": "SUSE-SR:2010:014",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUSE",
                  "x_transferred"
                ],
                "url": "http://lists.opensuse.org/opensuse-security-announce/2010-08/msg00001.html"
              },
              {
                "name": "[oss-security] 20100728 CVE Request -- KVIrc -- Remote CTCP commands execution via specially-crafted CTCP parameter",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://openwall.com/lists/oss-security/2010/07/28/1"
              },
              {
                "name": "40727",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/40727"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://svn.kvirc.de/kvirc/ticket/858"
              },
              {
                "name": "FEDORA-2010-11506",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-July/044625.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2010-07-28T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The IRC Protocol component in KVIrc 3.x and 4.x before r4693 does not properly handle \\ (backslash) characters, which allows remote authenticated users to execute arbitrary CTCP commands via vectors involving \\r and \\40 sequences, a different vulnerability than CVE-2010-2451 and CVE-2010-2452."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2010-09-09T09:00:00.000Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://bugs.gentoo.org/show_bug.cgi?id=330111"
            },
            {
              "name": "FEDORA-2010-11524",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-July/044643.html"
            },
            {
              "name": "40796",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/40796"
            },
            {
              "name": "66648",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/66648"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://svn.kvirc.de/kvirc/changeset/4693"
            },
            {
              "name": "[oss-security] 20100729 Re: CVE Request -- KVIrc -- Remote CTCP commands execution via specially-crafted CTCP parameter",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://marc.info/?l=oss-security\u0026m=128041011428629\u0026w=2"
            },
            {
              "name": "SUSE-SR:2010:014",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUSE"
              ],
              "url": "http://lists.opensuse.org/opensuse-security-announce/2010-08/msg00001.html"
            },
            {
              "name": "[oss-security] 20100728 CVE Request -- KVIrc -- Remote CTCP commands execution via specially-crafted CTCP parameter",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://openwall.com/lists/oss-security/2010/07/28/1"
            },
            {
              "name": "40727",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/40727"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://svn.kvirc.de/kvirc/ticket/858"
            },
            {
              "name": "FEDORA-2010-11506",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-July/044625.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "secalert@redhat.com",
              "ID": "CVE-2010-2785",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The IRC Protocol component in KVIrc 3.x and 4.x before r4693 does not properly handle \\ (backslash) characters, which allows remote authenticated users to execute arbitrary CTCP commands via vectors involving \\r and \\40 sequences, a different vulnerability than CVE-2010-2451 and CVE-2010-2452."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://bugs.gentoo.org/show_bug.cgi?id=330111",
                  "refsource": "CONFIRM",
                  "url": "http://bugs.gentoo.org/show_bug.cgi?id=330111"
                },
                {
                  "name": "FEDORA-2010-11524",
                  "refsource": "FEDORA",
                  "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-July/044643.html"
                },
                {
                  "name": "40796",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/40796"
                },
                {
                  "name": "66648",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/66648"
                },
                {
                  "name": "https://svn.kvirc.de/kvirc/changeset/4693",
                  "refsource": "CONFIRM",
                  "url": "https://svn.kvirc.de/kvirc/changeset/4693"
                },
                {
                  "name": "[oss-security] 20100729 Re: CVE Request -- KVIrc -- Remote CTCP commands execution via specially-crafted CTCP parameter",
                  "refsource": "MLIST",
                  "url": "http://marc.info/?l=oss-security\u0026m=128041011428629\u0026w=2"
                },
                {
                  "name": "SUSE-SR:2010:014",
                  "refsource": "SUSE",
                  "url": "http://lists.opensuse.org/opensuse-security-announce/2010-08/msg00001.html"
                },
                {
                  "name": "[oss-security] 20100728 CVE Request -- KVIrc -- Remote CTCP commands execution via specially-crafted CTCP parameter",
                  "refsource": "MLIST",
                  "url": "http://openwall.com/lists/oss-security/2010/07/28/1"
                },
                {
                  "name": "40727",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/40727"
                },
                {
                  "name": "https://svn.kvirc.de/kvirc/ticket/858",
                  "refsource": "CONFIRM",
                  "url": "https://svn.kvirc.de/kvirc/ticket/858"
                },
                {
                  "name": "FEDORA-2010-11506",
                  "refsource": "FEDORA",
                  "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-July/044625.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2010-2785",
        "datePublished": "2010-08-02T19:00:00.000Z",
        "dateReserved": "2010-07-22T00:00:00.000Z",
        "dateUpdated": "2024-08-07T02:46:48.031Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2010-2452 (GCVE-0-2010-2452)

    Vulnerability from nvd – Published: 2010-06-29 18:00 – Updated: 2024-08-07 02:32
    VLAI
    Summary
    Directory traversal vulnerability in the DCC functionality in KVIrc 3.4 and 4.0 allows remote attackers to overwrite arbitrary files via unknown vectors.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://lists.fedoraproject.org/pipermail/package-… vendor-advisoryx_refsource_FEDORA
    http://lists.omnikron.net/pipermail/kvirc/2010-Ma… mailing-listx_refsource_MLIST
    http://www.securityfocus.com/bid/40746 vdb-entryx_refsource_BID
    http://www.vupen.com/english/advisories/2010/1602 vdb-entryx_refsource_VUPEN
    http://lists.fedoraproject.org/pipermail/package-… vendor-advisoryx_refsource_FEDORA
    http://www.debian.org/security/2010/dsa-2065 vendor-advisoryx_refsource_DEBIAN
    http://secunia.com/advisories/40349 third-party-advisoryx_refsource_SECUNIA
    http://lists.opensuse.org/opensuse-security-annou… vendor-advisoryx_refsource_SUSE
    http://secunia.com/advisories/32410 third-party-advisoryx_refsource_SECUNIA
    Date Public
    2010-05-17 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T02:32:16.606Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "FEDORA-2010-10522",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-June/043601.html"
              },
              {
                "name": "[KVIrc] 20100517 Proposal for a stable release of kvirc4",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://lists.omnikron.net/pipermail/kvirc/2010-May/000867.html"
              },
              {
                "name": "40746",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/40746"
              },
              {
                "name": "ADV-2010-1602",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2010/1602"
              },
              {
                "name": "FEDORA-2010-10529",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-June/043629.html"
              },
              {
                "name": "DSA-2065",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "http://www.debian.org/security/2010/dsa-2065"
              },
              {
                "name": "40349",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/40349"
              },
              {
                "name": "SUSE-SR:2010:014",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUSE",
                  "x_transferred"
                ],
                "url": "http://lists.opensuse.org/opensuse-security-announce/2010-08/msg00001.html"
              },
              {
                "name": "32410",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/32410"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2010-05-17T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Directory traversal vulnerability in the DCC functionality in KVIrc 3.4 and 4.0 allows remote attackers to overwrite arbitrary files via unknown vectors."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2010-09-09T09:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "FEDORA-2010-10522",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-June/043601.html"
            },
            {
              "name": "[KVIrc] 20100517 Proposal for a stable release of kvirc4",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://lists.omnikron.net/pipermail/kvirc/2010-May/000867.html"
            },
            {
              "name": "40746",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/40746"
            },
            {
              "name": "ADV-2010-1602",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2010/1602"
            },
            {
              "name": "FEDORA-2010-10529",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-June/043629.html"
            },
            {
              "name": "DSA-2065",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "http://www.debian.org/security/2010/dsa-2065"
            },
            {
              "name": "40349",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/40349"
            },
            {
              "name": "SUSE-SR:2010:014",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUSE"
              ],
              "url": "http://lists.opensuse.org/opensuse-security-announce/2010-08/msg00001.html"
            },
            {
              "name": "32410",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/32410"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2010-2452",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Directory traversal vulnerability in the DCC functionality in KVIrc 3.4 and 4.0 allows remote attackers to overwrite arbitrary files via unknown vectors."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "FEDORA-2010-10522",
                  "refsource": "FEDORA",
                  "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-June/043601.html"
                },
                {
                  "name": "[KVIrc] 20100517 Proposal for a stable release of kvirc4",
                  "refsource": "MLIST",
                  "url": "http://lists.omnikron.net/pipermail/kvirc/2010-May/000867.html"
                },
                {
                  "name": "40746",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/40746"
                },
                {
                  "name": "ADV-2010-1602",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2010/1602"
                },
                {
                  "name": "FEDORA-2010-10529",
                  "refsource": "FEDORA",
                  "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-June/043629.html"
                },
                {
                  "name": "DSA-2065",
                  "refsource": "DEBIAN",
                  "url": "http://www.debian.org/security/2010/dsa-2065"
                },
                {
                  "name": "40349",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/40349"
                },
                {
                  "name": "SUSE-SR:2010:014",
                  "refsource": "SUSE",
                  "url": "http://lists.opensuse.org/opensuse-security-announce/2010-08/msg00001.html"
                },
                {
                  "name": "32410",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/32410"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2010-2452",
        "datePublished": "2010-06-29T18:00:00.000Z",
        "dateReserved": "2010-06-24T00:00:00.000Z",
        "dateUpdated": "2024-08-07T02:32:16.606Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2010-2451 (GCVE-0-2010-2451)

    Vulnerability from nvd – Published: 2010-06-29 18:00 – Updated: 2024-08-07 02:32
    VLAI
    Summary
    Multiple format string vulnerabilities in the DCC functionality in KVIrc 3.4 and 4.0 have unspecified impact and remote attack vectors.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://lists.fedoraproject.org/pipermail/package-… vendor-advisoryx_refsource_FEDORA
    http://lists.omnikron.net/pipermail/kvirc/2010-Ma… mailing-listx_refsource_MLIST
    http://www.securityfocus.com/bid/40746 vdb-entryx_refsource_BID
    http://www.vupen.com/english/advisories/2010/1602 vdb-entryx_refsource_VUPEN
    http://lists.fedoraproject.org/pipermail/package-… vendor-advisoryx_refsource_FEDORA
    http://www.debian.org/security/2010/dsa-2065 vendor-advisoryx_refsource_DEBIAN
    http://secunia.com/advisories/40349 third-party-advisoryx_refsource_SECUNIA
    http://lists.opensuse.org/opensuse-security-annou… vendor-advisoryx_refsource_SUSE
    http://secunia.com/advisories/32410 third-party-advisoryx_refsource_SECUNIA
    Date Public
    2010-05-17 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T02:32:16.580Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "FEDORA-2010-10522",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-June/043601.html"
              },
              {
                "name": "[KVIrc] 20100517 Proposal for a stable release of kvirc4",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://lists.omnikron.net/pipermail/kvirc/2010-May/000867.html"
              },
              {
                "name": "40746",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/40746"
              },
              {
                "name": "ADV-2010-1602",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2010/1602"
              },
              {
                "name": "FEDORA-2010-10529",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-June/043629.html"
              },
              {
                "name": "DSA-2065",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "http://www.debian.org/security/2010/dsa-2065"
              },
              {
                "name": "40349",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/40349"
              },
              {
                "name": "SUSE-SR:2010:014",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUSE",
                  "x_transferred"
                ],
                "url": "http://lists.opensuse.org/opensuse-security-announce/2010-08/msg00001.html"
              },
              {
                "name": "32410",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/32410"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2010-05-17T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple format string vulnerabilities in the DCC functionality in KVIrc 3.4 and 4.0 have unspecified impact and remote attack vectors."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2010-09-09T09:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "FEDORA-2010-10522",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-June/043601.html"
            },
            {
              "name": "[KVIrc] 20100517 Proposal for a stable release of kvirc4",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://lists.omnikron.net/pipermail/kvirc/2010-May/000867.html"
            },
            {
              "name": "40746",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/40746"
            },
            {
              "name": "ADV-2010-1602",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2010/1602"
            },
            {
              "name": "FEDORA-2010-10529",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-June/043629.html"
            },
            {
              "name": "DSA-2065",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "http://www.debian.org/security/2010/dsa-2065"
            },
            {
              "name": "40349",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/40349"
            },
            {
              "name": "SUSE-SR:2010:014",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUSE"
              ],
              "url": "http://lists.opensuse.org/opensuse-security-announce/2010-08/msg00001.html"
            },
            {
              "name": "32410",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/32410"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2010-2451",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Multiple format string vulnerabilities in the DCC functionality in KVIrc 3.4 and 4.0 have unspecified impact and remote attack vectors."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "FEDORA-2010-10522",
                  "refsource": "FEDORA",
                  "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-June/043601.html"
                },
                {
                  "name": "[KVIrc] 20100517 Proposal for a stable release of kvirc4",
                  "refsource": "MLIST",
                  "url": "http://lists.omnikron.net/pipermail/kvirc/2010-May/000867.html"
                },
                {
                  "name": "40746",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/40746"
                },
                {
                  "name": "ADV-2010-1602",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2010/1602"
                },
                {
                  "name": "FEDORA-2010-10529",
                  "refsource": "FEDORA",
                  "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-June/043629.html"
                },
                {
                  "name": "DSA-2065",
                  "refsource": "DEBIAN",
                  "url": "http://www.debian.org/security/2010/dsa-2065"
                },
                {
                  "name": "40349",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/40349"
                },
                {
                  "name": "SUSE-SR:2010:014",
                  "refsource": "SUSE",
                  "url": "http://lists.opensuse.org/opensuse-security-announce/2010-08/msg00001.html"
                },
                {
                  "name": "32410",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/32410"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2010-2451",
        "datePublished": "2010-06-29T18:00:00.000Z",
        "dateReserved": "2010-06-24T00:00:00.000Z",
        "dateUpdated": "2024-08-07T02:32:16.580Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2008-7070 (GCVE-0-2008-7070)

    Vulnerability from nvd – Published: 2009-08-25 10:00 – Updated: 2024-08-07 11:56
    VLAI
    Summary
    Argument injection vulnerability in the URI handler in KVIrc 3.4.2 Shiny allows remote attackers to execute arbitrary commands via a " (quote) followed by command line switches in a (1) irc:///, (2) irc6:///, (3) ircs:///, or (4) and ircs6:/// URI. NOTE: this might be due to an incomplete fix for CVE-2007-2951.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://retrogod.altervista.org/kvirc_342_cmd.html x_refsource_MISC
    http://www.securityfocus.com/archive/1/498557/100… mailing-listx_refsource_BUGTRAQ
    https://www.exploit-db.com/exploits/7181 exploitx_refsource_EXPLOIT-DB
    http://www.securityfocus.com/bid/32410 vdb-entryx_refsource_BID
    http://secunia.com/advisories/32410 third-party-advisoryx_refsource_SECUNIA
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    Date Public
    2008-11-21 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T11:56:13.568Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://retrogod.altervista.org/kvirc_342_cmd.html"
              },
              {
                "name": "20081121 KVIrc 3.4.2 Shiny (uri handler) remote command execution exploit",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/498557/100/0/threaded"
              },
              {
                "name": "7181",
                "tags": [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
                  "x_transferred"
                ],
                "url": "https://www.exploit-db.com/exploits/7181"
              },
              {
                "name": "32410",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/32410"
              },
              {
                "name": "32410",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/32410"
              },
              {
                "name": "kvirc-multiple-uri-command-execution(46779)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46779"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2008-11-21T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Argument injection vulnerability in the URI handler in KVIrc 3.4.2 Shiny allows remote attackers to execute arbitrary commands via a \" (quote) followed by command line switches in a (1) irc:///, (2) irc6:///, (3) ircs:///, or (4) and ircs6:/// URI.  NOTE: this might be due to an incomplete fix for CVE-2007-2951."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-11T19:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://retrogod.altervista.org/kvirc_342_cmd.html"
            },
            {
              "name": "20081121 KVIrc 3.4.2 Shiny (uri handler) remote command execution exploit",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/498557/100/0/threaded"
            },
            {
              "name": "7181",
              "tags": [
                "exploit",
                "x_refsource_EXPLOIT-DB"
              ],
              "url": "https://www.exploit-db.com/exploits/7181"
            },
            {
              "name": "32410",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/32410"
            },
            {
              "name": "32410",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/32410"
            },
            {
              "name": "kvirc-multiple-uri-command-execution(46779)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46779"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2008-7070",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Argument injection vulnerability in the URI handler in KVIrc 3.4.2 Shiny allows remote attackers to execute arbitrary commands via a \" (quote) followed by command line switches in a (1) irc:///, (2) irc6:///, (3) ircs:///, or (4) and ircs6:/// URI.  NOTE: this might be due to an incomplete fix for CVE-2007-2951."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://retrogod.altervista.org/kvirc_342_cmd.html",
                  "refsource": "MISC",
                  "url": "http://retrogod.altervista.org/kvirc_342_cmd.html"
                },
                {
                  "name": "20081121 KVIrc 3.4.2 Shiny (uri handler) remote command execution exploit",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/498557/100/0/threaded"
                },
                {
                  "name": "7181",
                  "refsource": "EXPLOIT-DB",
                  "url": "https://www.exploit-db.com/exploits/7181"
                },
                {
                  "name": "32410",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/32410"
                },
                {
                  "name": "32410",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/32410"
                },
                {
                  "name": "kvirc-multiple-uri-command-execution(46779)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46779"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2008-7070",
        "datePublished": "2009-08-25T10:00:00.000Z",
        "dateReserved": "2009-08-24T00:00:00.000Z",
        "dateUpdated": "2024-08-07T11:56:13.568Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2008-4748 (GCVE-0-2008-4748)

    Vulnerability from nvd – Published: 2008-10-27 19:00 – Updated: 2024-08-07 10:24
    VLAI
    Summary
    Format string vulnerability in the URI handler in KVirc 3.4.0, when set as the default application for processing IRC URIs, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via format string specifiers in the irc:// URI.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    https://www.exploit-db.com/exploits/6832 exploitx_refsource_EXPLOIT-DB
    http://www.securityfocus.com/bid/31912 vdb-entryx_refsource_BID
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://securityreason.com/securityalert/4508 third-party-advisoryx_refsource_SREASON
    http://www.vupen.com/english/advisories/2008/2926 vdb-entryx_refsource_VUPEN
    http://secunia.com/advisories/32410 third-party-advisoryx_refsource_SECUNIA
    Date Public
    2008-10-24 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T10:24:21.033Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "6832",
                "tags": [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
                  "x_transferred"
                ],
                "url": "https://www.exploit-db.com/exploits/6832"
              },
              {
                "name": "31912",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/31912"
              },
              {
                "name": "kvirc-irc-format-string(46114)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46114"
              },
              {
                "name": "4508",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SREASON",
                  "x_transferred"
                ],
                "url": "http://securityreason.com/securityalert/4508"
              },
              {
                "name": "ADV-2008-2926",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2008/2926"
              },
              {
                "name": "32410",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/32410"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2008-10-24T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Format string vulnerability in the URI handler in KVirc 3.4.0, when set as the default application for processing IRC URIs, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via format string specifiers in the irc:// URI."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-09-28T12:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "6832",
              "tags": [
                "exploit",
                "x_refsource_EXPLOIT-DB"
              ],
              "url": "https://www.exploit-db.com/exploits/6832"
            },
            {
              "name": "31912",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/31912"
            },
            {
              "name": "kvirc-irc-format-string(46114)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46114"
            },
            {
              "name": "4508",
              "tags": [
                "third-party-advisory",
                "x_refsource_SREASON"
              ],
              "url": "http://securityreason.com/securityalert/4508"
            },
            {
              "name": "ADV-2008-2926",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2008/2926"
            },
            {
              "name": "32410",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/32410"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2008-4748",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Format string vulnerability in the URI handler in KVirc 3.4.0, when set as the default application for processing IRC URIs, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via format string specifiers in the irc:// URI."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "6832",
                  "refsource": "EXPLOIT-DB",
                  "url": "https://www.exploit-db.com/exploits/6832"
                },
                {
                  "name": "31912",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/31912"
                },
                {
                  "name": "kvirc-irc-format-string(46114)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46114"
                },
                {
                  "name": "4508",
                  "refsource": "SREASON",
                  "url": "http://securityreason.com/securityalert/4508"
                },
                {
                  "name": "ADV-2008-2926",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2008/2926"
                },
                {
                  "name": "32410",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/32410"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2008-4748",
        "datePublished": "2008-10-27T19:00:00.000Z",
        "dateReserved": "2008-10-27T00:00:00.000Z",
        "dateUpdated": "2024-08-07T10:24:21.033Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2010-2785 (GCVE-0-2010-2785)

    Vulnerability from cvelistv5 – Published: 2010-08-02 19:00 – Updated: 2024-08-07 02:46
    VLAI
    Summary
    The IRC Protocol component in KVIrc 3.x and 4.x before r4693 does not properly handle \ (backslash) characters, which allows remote authenticated users to execute arbitrary CTCP commands via vectors involving \r and \40 sequences, a different vulnerability than CVE-2010-2451 and CVE-2010-2452.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://bugs.gentoo.org/show_bug.cgi?id=330111 x_refsource_CONFIRM
    http://lists.fedoraproject.org/pipermail/package-… vendor-advisoryx_refsource_FEDORA
    http://secunia.com/advisories/40796 third-party-advisoryx_refsource_SECUNIA
    http://www.osvdb.org/66648 vdb-entryx_refsource_OSVDB
    https://svn.kvirc.de/kvirc/changeset/4693 x_refsource_CONFIRM
    http://marc.info/?l=oss-security&m=128041011428629&w=2 mailing-listx_refsource_MLIST
    http://lists.opensuse.org/opensuse-security-annou… vendor-advisoryx_refsource_SUSE
    http://openwall.com/lists/oss-security/2010/07/28/1 mailing-listx_refsource_MLIST
    http://secunia.com/advisories/40727 third-party-advisoryx_refsource_SECUNIA
    https://svn.kvirc.de/kvirc/ticket/858 x_refsource_CONFIRM
    http://lists.fedoraproject.org/pipermail/package-… vendor-advisoryx_refsource_FEDORA
    Date Public
    2010-07-28 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T02:46:48.031Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://bugs.gentoo.org/show_bug.cgi?id=330111"
              },
              {
                "name": "FEDORA-2010-11524",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-July/044643.html"
              },
              {
                "name": "40796",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/40796"
              },
              {
                "name": "66648",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/66648"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://svn.kvirc.de/kvirc/changeset/4693"
              },
              {
                "name": "[oss-security] 20100729 Re: CVE Request -- KVIrc -- Remote CTCP commands execution via specially-crafted CTCP parameter",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=oss-security\u0026m=128041011428629\u0026w=2"
              },
              {
                "name": "SUSE-SR:2010:014",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUSE",
                  "x_transferred"
                ],
                "url": "http://lists.opensuse.org/opensuse-security-announce/2010-08/msg00001.html"
              },
              {
                "name": "[oss-security] 20100728 CVE Request -- KVIrc -- Remote CTCP commands execution via specially-crafted CTCP parameter",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://openwall.com/lists/oss-security/2010/07/28/1"
              },
              {
                "name": "40727",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/40727"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://svn.kvirc.de/kvirc/ticket/858"
              },
              {
                "name": "FEDORA-2010-11506",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-July/044625.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2010-07-28T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The IRC Protocol component in KVIrc 3.x and 4.x before r4693 does not properly handle \\ (backslash) characters, which allows remote authenticated users to execute arbitrary CTCP commands via vectors involving \\r and \\40 sequences, a different vulnerability than CVE-2010-2451 and CVE-2010-2452."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2010-09-09T09:00:00.000Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://bugs.gentoo.org/show_bug.cgi?id=330111"
            },
            {
              "name": "FEDORA-2010-11524",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-July/044643.html"
            },
            {
              "name": "40796",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/40796"
            },
            {
              "name": "66648",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/66648"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://svn.kvirc.de/kvirc/changeset/4693"
            },
            {
              "name": "[oss-security] 20100729 Re: CVE Request -- KVIrc -- Remote CTCP commands execution via specially-crafted CTCP parameter",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://marc.info/?l=oss-security\u0026m=128041011428629\u0026w=2"
            },
            {
              "name": "SUSE-SR:2010:014",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUSE"
              ],
              "url": "http://lists.opensuse.org/opensuse-security-announce/2010-08/msg00001.html"
            },
            {
              "name": "[oss-security] 20100728 CVE Request -- KVIrc -- Remote CTCP commands execution via specially-crafted CTCP parameter",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://openwall.com/lists/oss-security/2010/07/28/1"
            },
            {
              "name": "40727",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/40727"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://svn.kvirc.de/kvirc/ticket/858"
            },
            {
              "name": "FEDORA-2010-11506",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-July/044625.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "secalert@redhat.com",
              "ID": "CVE-2010-2785",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The IRC Protocol component in KVIrc 3.x and 4.x before r4693 does not properly handle \\ (backslash) characters, which allows remote authenticated users to execute arbitrary CTCP commands via vectors involving \\r and \\40 sequences, a different vulnerability than CVE-2010-2451 and CVE-2010-2452."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://bugs.gentoo.org/show_bug.cgi?id=330111",
                  "refsource": "CONFIRM",
                  "url": "http://bugs.gentoo.org/show_bug.cgi?id=330111"
                },
                {
                  "name": "FEDORA-2010-11524",
                  "refsource": "FEDORA",
                  "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-July/044643.html"
                },
                {
                  "name": "40796",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/40796"
                },
                {
                  "name": "66648",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/66648"
                },
                {
                  "name": "https://svn.kvirc.de/kvirc/changeset/4693",
                  "refsource": "CONFIRM",
                  "url": "https://svn.kvirc.de/kvirc/changeset/4693"
                },
                {
                  "name": "[oss-security] 20100729 Re: CVE Request -- KVIrc -- Remote CTCP commands execution via specially-crafted CTCP parameter",
                  "refsource": "MLIST",
                  "url": "http://marc.info/?l=oss-security\u0026m=128041011428629\u0026w=2"
                },
                {
                  "name": "SUSE-SR:2010:014",
                  "refsource": "SUSE",
                  "url": "http://lists.opensuse.org/opensuse-security-announce/2010-08/msg00001.html"
                },
                {
                  "name": "[oss-security] 20100728 CVE Request -- KVIrc -- Remote CTCP commands execution via specially-crafted CTCP parameter",
                  "refsource": "MLIST",
                  "url": "http://openwall.com/lists/oss-security/2010/07/28/1"
                },
                {
                  "name": "40727",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/40727"
                },
                {
                  "name": "https://svn.kvirc.de/kvirc/ticket/858",
                  "refsource": "CONFIRM",
                  "url": "https://svn.kvirc.de/kvirc/ticket/858"
                },
                {
                  "name": "FEDORA-2010-11506",
                  "refsource": "FEDORA",
                  "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-July/044625.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2010-2785",
        "datePublished": "2010-08-02T19:00:00.000Z",
        "dateReserved": "2010-07-22T00:00:00.000Z",
        "dateUpdated": "2024-08-07T02:46:48.031Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2010-2452 (GCVE-0-2010-2452)

    Vulnerability from cvelistv5 – Published: 2010-06-29 18:00 – Updated: 2024-08-07 02:32
    VLAI
    Summary
    Directory traversal vulnerability in the DCC functionality in KVIrc 3.4 and 4.0 allows remote attackers to overwrite arbitrary files via unknown vectors.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://lists.fedoraproject.org/pipermail/package-… vendor-advisoryx_refsource_FEDORA
    http://lists.omnikron.net/pipermail/kvirc/2010-Ma… mailing-listx_refsource_MLIST
    http://www.securityfocus.com/bid/40746 vdb-entryx_refsource_BID
    http://www.vupen.com/english/advisories/2010/1602 vdb-entryx_refsource_VUPEN
    http://lists.fedoraproject.org/pipermail/package-… vendor-advisoryx_refsource_FEDORA
    http://www.debian.org/security/2010/dsa-2065 vendor-advisoryx_refsource_DEBIAN
    http://secunia.com/advisories/40349 third-party-advisoryx_refsource_SECUNIA
    http://lists.opensuse.org/opensuse-security-annou… vendor-advisoryx_refsource_SUSE
    http://secunia.com/advisories/32410 third-party-advisoryx_refsource_SECUNIA
    Date Public
    2010-05-17 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T02:32:16.606Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "FEDORA-2010-10522",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-June/043601.html"
              },
              {
                "name": "[KVIrc] 20100517 Proposal for a stable release of kvirc4",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://lists.omnikron.net/pipermail/kvirc/2010-May/000867.html"
              },
              {
                "name": "40746",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/40746"
              },
              {
                "name": "ADV-2010-1602",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2010/1602"
              },
              {
                "name": "FEDORA-2010-10529",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-June/043629.html"
              },
              {
                "name": "DSA-2065",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "http://www.debian.org/security/2010/dsa-2065"
              },
              {
                "name": "40349",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/40349"
              },
              {
                "name": "SUSE-SR:2010:014",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUSE",
                  "x_transferred"
                ],
                "url": "http://lists.opensuse.org/opensuse-security-announce/2010-08/msg00001.html"
              },
              {
                "name": "32410",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/32410"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2010-05-17T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Directory traversal vulnerability in the DCC functionality in KVIrc 3.4 and 4.0 allows remote attackers to overwrite arbitrary files via unknown vectors."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2010-09-09T09:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "FEDORA-2010-10522",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-June/043601.html"
            },
            {
              "name": "[KVIrc] 20100517 Proposal for a stable release of kvirc4",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://lists.omnikron.net/pipermail/kvirc/2010-May/000867.html"
            },
            {
              "name": "40746",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/40746"
            },
            {
              "name": "ADV-2010-1602",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2010/1602"
            },
            {
              "name": "FEDORA-2010-10529",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-June/043629.html"
            },
            {
              "name": "DSA-2065",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "http://www.debian.org/security/2010/dsa-2065"
            },
            {
              "name": "40349",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/40349"
            },
            {
              "name": "SUSE-SR:2010:014",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUSE"
              ],
              "url": "http://lists.opensuse.org/opensuse-security-announce/2010-08/msg00001.html"
            },
            {
              "name": "32410",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/32410"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2010-2452",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Directory traversal vulnerability in the DCC functionality in KVIrc 3.4 and 4.0 allows remote attackers to overwrite arbitrary files via unknown vectors."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "FEDORA-2010-10522",
                  "refsource": "FEDORA",
                  "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-June/043601.html"
                },
                {
                  "name": "[KVIrc] 20100517 Proposal for a stable release of kvirc4",
                  "refsource": "MLIST",
                  "url": "http://lists.omnikron.net/pipermail/kvirc/2010-May/000867.html"
                },
                {
                  "name": "40746",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/40746"
                },
                {
                  "name": "ADV-2010-1602",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2010/1602"
                },
                {
                  "name": "FEDORA-2010-10529",
                  "refsource": "FEDORA",
                  "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-June/043629.html"
                },
                {
                  "name": "DSA-2065",
                  "refsource": "DEBIAN",
                  "url": "http://www.debian.org/security/2010/dsa-2065"
                },
                {
                  "name": "40349",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/40349"
                },
                {
                  "name": "SUSE-SR:2010:014",
                  "refsource": "SUSE",
                  "url": "http://lists.opensuse.org/opensuse-security-announce/2010-08/msg00001.html"
                },
                {
                  "name": "32410",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/32410"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2010-2452",
        "datePublished": "2010-06-29T18:00:00.000Z",
        "dateReserved": "2010-06-24T00:00:00.000Z",
        "dateUpdated": "2024-08-07T02:32:16.606Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2010-2451 (GCVE-0-2010-2451)

    Vulnerability from cvelistv5 – Published: 2010-06-29 18:00 – Updated: 2024-08-07 02:32
    VLAI
    Summary
    Multiple format string vulnerabilities in the DCC functionality in KVIrc 3.4 and 4.0 have unspecified impact and remote attack vectors.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://lists.fedoraproject.org/pipermail/package-… vendor-advisoryx_refsource_FEDORA
    http://lists.omnikron.net/pipermail/kvirc/2010-Ma… mailing-listx_refsource_MLIST
    http://www.securityfocus.com/bid/40746 vdb-entryx_refsource_BID
    http://www.vupen.com/english/advisories/2010/1602 vdb-entryx_refsource_VUPEN
    http://lists.fedoraproject.org/pipermail/package-… vendor-advisoryx_refsource_FEDORA
    http://www.debian.org/security/2010/dsa-2065 vendor-advisoryx_refsource_DEBIAN
    http://secunia.com/advisories/40349 third-party-advisoryx_refsource_SECUNIA
    http://lists.opensuse.org/opensuse-security-annou… vendor-advisoryx_refsource_SUSE
    http://secunia.com/advisories/32410 third-party-advisoryx_refsource_SECUNIA
    Date Public
    2010-05-17 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T02:32:16.580Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "FEDORA-2010-10522",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-June/043601.html"
              },
              {
                "name": "[KVIrc] 20100517 Proposal for a stable release of kvirc4",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://lists.omnikron.net/pipermail/kvirc/2010-May/000867.html"
              },
              {
                "name": "40746",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/40746"
              },
              {
                "name": "ADV-2010-1602",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2010/1602"
              },
              {
                "name": "FEDORA-2010-10529",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-June/043629.html"
              },
              {
                "name": "DSA-2065",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "http://www.debian.org/security/2010/dsa-2065"
              },
              {
                "name": "40349",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/40349"
              },
              {
                "name": "SUSE-SR:2010:014",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUSE",
                  "x_transferred"
                ],
                "url": "http://lists.opensuse.org/opensuse-security-announce/2010-08/msg00001.html"
              },
              {
                "name": "32410",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/32410"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2010-05-17T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple format string vulnerabilities in the DCC functionality in KVIrc 3.4 and 4.0 have unspecified impact and remote attack vectors."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2010-09-09T09:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "FEDORA-2010-10522",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-June/043601.html"
            },
            {
              "name": "[KVIrc] 20100517 Proposal for a stable release of kvirc4",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://lists.omnikron.net/pipermail/kvirc/2010-May/000867.html"
            },
            {
              "name": "40746",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/40746"
            },
            {
              "name": "ADV-2010-1602",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2010/1602"
            },
            {
              "name": "FEDORA-2010-10529",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-June/043629.html"
            },
            {
              "name": "DSA-2065",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "http://www.debian.org/security/2010/dsa-2065"
            },
            {
              "name": "40349",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/40349"
            },
            {
              "name": "SUSE-SR:2010:014",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUSE"
              ],
              "url": "http://lists.opensuse.org/opensuse-security-announce/2010-08/msg00001.html"
            },
            {
              "name": "32410",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/32410"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2010-2451",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Multiple format string vulnerabilities in the DCC functionality in KVIrc 3.4 and 4.0 have unspecified impact and remote attack vectors."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "FEDORA-2010-10522",
                  "refsource": "FEDORA",
                  "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-June/043601.html"
                },
                {
                  "name": "[KVIrc] 20100517 Proposal for a stable release of kvirc4",
                  "refsource": "MLIST",
                  "url": "http://lists.omnikron.net/pipermail/kvirc/2010-May/000867.html"
                },
                {
                  "name": "40746",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/40746"
                },
                {
                  "name": "ADV-2010-1602",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2010/1602"
                },
                {
                  "name": "FEDORA-2010-10529",
                  "refsource": "FEDORA",
                  "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-June/043629.html"
                },
                {
                  "name": "DSA-2065",
                  "refsource": "DEBIAN",
                  "url": "http://www.debian.org/security/2010/dsa-2065"
                },
                {
                  "name": "40349",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/40349"
                },
                {
                  "name": "SUSE-SR:2010:014",
                  "refsource": "SUSE",
                  "url": "http://lists.opensuse.org/opensuse-security-announce/2010-08/msg00001.html"
                },
                {
                  "name": "32410",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/32410"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2010-2451",
        "datePublished": "2010-06-29T18:00:00.000Z",
        "dateReserved": "2010-06-24T00:00:00.000Z",
        "dateUpdated": "2024-08-07T02:32:16.580Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2008-7070 (GCVE-0-2008-7070)

    Vulnerability from cvelistv5 – Published: 2009-08-25 10:00 – Updated: 2024-08-07 11:56
    VLAI
    Summary
    Argument injection vulnerability in the URI handler in KVIrc 3.4.2 Shiny allows remote attackers to execute arbitrary commands via a " (quote) followed by command line switches in a (1) irc:///, (2) irc6:///, (3) ircs:///, or (4) and ircs6:/// URI. NOTE: this might be due to an incomplete fix for CVE-2007-2951.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://retrogod.altervista.org/kvirc_342_cmd.html x_refsource_MISC
    http://www.securityfocus.com/archive/1/498557/100… mailing-listx_refsource_BUGTRAQ
    https://www.exploit-db.com/exploits/7181 exploitx_refsource_EXPLOIT-DB
    http://www.securityfocus.com/bid/32410 vdb-entryx_refsource_BID
    http://secunia.com/advisories/32410 third-party-advisoryx_refsource_SECUNIA
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    Date Public
    2008-11-21 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T11:56:13.568Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://retrogod.altervista.org/kvirc_342_cmd.html"
              },
              {
                "name": "20081121 KVIrc 3.4.2 Shiny (uri handler) remote command execution exploit",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/498557/100/0/threaded"
              },
              {
                "name": "7181",
                "tags": [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
                  "x_transferred"
                ],
                "url": "https://www.exploit-db.com/exploits/7181"
              },
              {
                "name": "32410",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/32410"
              },
              {
                "name": "32410",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/32410"
              },
              {
                "name": "kvirc-multiple-uri-command-execution(46779)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46779"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2008-11-21T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Argument injection vulnerability in the URI handler in KVIrc 3.4.2 Shiny allows remote attackers to execute arbitrary commands via a \" (quote) followed by command line switches in a (1) irc:///, (2) irc6:///, (3) ircs:///, or (4) and ircs6:/// URI.  NOTE: this might be due to an incomplete fix for CVE-2007-2951."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-11T19:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://retrogod.altervista.org/kvirc_342_cmd.html"
            },
            {
              "name": "20081121 KVIrc 3.4.2 Shiny (uri handler) remote command execution exploit",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/498557/100/0/threaded"
            },
            {
              "name": "7181",
              "tags": [
                "exploit",
                "x_refsource_EXPLOIT-DB"
              ],
              "url": "https://www.exploit-db.com/exploits/7181"
            },
            {
              "name": "32410",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/32410"
            },
            {
              "name": "32410",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/32410"
            },
            {
              "name": "kvirc-multiple-uri-command-execution(46779)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46779"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2008-7070",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Argument injection vulnerability in the URI handler in KVIrc 3.4.2 Shiny allows remote attackers to execute arbitrary commands via a \" (quote) followed by command line switches in a (1) irc:///, (2) irc6:///, (3) ircs:///, or (4) and ircs6:/// URI.  NOTE: this might be due to an incomplete fix for CVE-2007-2951."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://retrogod.altervista.org/kvirc_342_cmd.html",
                  "refsource": "MISC",
                  "url": "http://retrogod.altervista.org/kvirc_342_cmd.html"
                },
                {
                  "name": "20081121 KVIrc 3.4.2 Shiny (uri handler) remote command execution exploit",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/498557/100/0/threaded"
                },
                {
                  "name": "7181",
                  "refsource": "EXPLOIT-DB",
                  "url": "https://www.exploit-db.com/exploits/7181"
                },
                {
                  "name": "32410",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/32410"
                },
                {
                  "name": "32410",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/32410"
                },
                {
                  "name": "kvirc-multiple-uri-command-execution(46779)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46779"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2008-7070",
        "datePublished": "2009-08-25T10:00:00.000Z",
        "dateReserved": "2009-08-24T00:00:00.000Z",
        "dateUpdated": "2024-08-07T11:56:13.568Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2008-4748 (GCVE-0-2008-4748)

    Vulnerability from cvelistv5 – Published: 2008-10-27 19:00 – Updated: 2024-08-07 10:24
    VLAI
    Summary
    Format string vulnerability in the URI handler in KVirc 3.4.0, when set as the default application for processing IRC URIs, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via format string specifiers in the irc:// URI.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    https://www.exploit-db.com/exploits/6832 exploitx_refsource_EXPLOIT-DB
    http://www.securityfocus.com/bid/31912 vdb-entryx_refsource_BID
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://securityreason.com/securityalert/4508 third-party-advisoryx_refsource_SREASON
    http://www.vupen.com/english/advisories/2008/2926 vdb-entryx_refsource_VUPEN
    http://secunia.com/advisories/32410 third-party-advisoryx_refsource_SECUNIA
    Date Public
    2008-10-24 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T10:24:21.033Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "6832",
                "tags": [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
                  "x_transferred"
                ],
                "url": "https://www.exploit-db.com/exploits/6832"
              },
              {
                "name": "31912",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/31912"
              },
              {
                "name": "kvirc-irc-format-string(46114)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46114"
              },
              {
                "name": "4508",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SREASON",
                  "x_transferred"
                ],
                "url": "http://securityreason.com/securityalert/4508"
              },
              {
                "name": "ADV-2008-2926",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2008/2926"
              },
              {
                "name": "32410",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/32410"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2008-10-24T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Format string vulnerability in the URI handler in KVirc 3.4.0, when set as the default application for processing IRC URIs, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via format string specifiers in the irc:// URI."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-09-28T12:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "6832",
              "tags": [
                "exploit",
                "x_refsource_EXPLOIT-DB"
              ],
              "url": "https://www.exploit-db.com/exploits/6832"
            },
            {
              "name": "31912",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/31912"
            },
            {
              "name": "kvirc-irc-format-string(46114)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46114"
            },
            {
              "name": "4508",
              "tags": [
                "third-party-advisory",
                "x_refsource_SREASON"
              ],
              "url": "http://securityreason.com/securityalert/4508"
            },
            {
              "name": "ADV-2008-2926",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2008/2926"
            },
            {
              "name": "32410",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/32410"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2008-4748",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Format string vulnerability in the URI handler in KVirc 3.4.0, when set as the default application for processing IRC URIs, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via format string specifiers in the irc:// URI."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "6832",
                  "refsource": "EXPLOIT-DB",
                  "url": "https://www.exploit-db.com/exploits/6832"
                },
                {
                  "name": "31912",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/31912"
                },
                {
                  "name": "kvirc-irc-format-string(46114)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46114"
                },
                {
                  "name": "4508",
                  "refsource": "SREASON",
                  "url": "http://securityreason.com/securityalert/4508"
                },
                {
                  "name": "ADV-2008-2926",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2008/2926"
                },
                {
                  "name": "32410",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/32410"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2008-4748",
        "datePublished": "2008-10-27T19:00:00.000Z",
        "dateReserved": "2008-10-27T00:00:00.000Z",
        "dateUpdated": "2024-08-07T10:24:21.033Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }