Search criteria
7 vulnerabilities by kvirc
CVE-2010-2785 (GCVE-0-2010-2785)
Vulnerability from cvelistv5 – Published: 2010-08-02 19:00 – Updated: 2024-08-07 02:46
VLAI?
Summary
The IRC Protocol component in KVIrc 3.x and 4.x before r4693 does not properly handle \ (backslash) characters, which allows remote authenticated users to execute arbitrary CTCP commands via vectors involving \r and \40 sequences, a different vulnerability than CVE-2010-2451 and CVE-2010-2452.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T02:46:48.031Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bugs.gentoo.org/show_bug.cgi?id=330111"
},
{
"name": "FEDORA-2010-11524",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-July/044643.html"
},
{
"name": "40796",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/40796"
},
{
"name": "66648",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/66648"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://svn.kvirc.de/kvirc/changeset/4693"
},
{
"name": "[oss-security] 20100729 Re: CVE Request -- KVIrc -- Remote CTCP commands execution via specially-crafted CTCP parameter",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://marc.info/?l=oss-security\u0026m=128041011428629\u0026w=2"
},
{
"name": "SUSE-SR:2010:014",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-08/msg00001.html"
},
{
"name": "[oss-security] 20100728 CVE Request -- KVIrc -- Remote CTCP commands execution via specially-crafted CTCP parameter",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2010/07/28/1"
},
{
"name": "40727",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/40727"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://svn.kvirc.de/kvirc/ticket/858"
},
{
"name": "FEDORA-2010-11506",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-July/044625.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-07-28T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The IRC Protocol component in KVIrc 3.x and 4.x before r4693 does not properly handle \\ (backslash) characters, which allows remote authenticated users to execute arbitrary CTCP commands via vectors involving \\r and \\40 sequences, a different vulnerability than CVE-2010-2451 and CVE-2010-2452."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2010-09-09T09:00:00",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bugs.gentoo.org/show_bug.cgi?id=330111"
},
{
"name": "FEDORA-2010-11524",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-July/044643.html"
},
{
"name": "40796",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/40796"
},
{
"name": "66648",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/66648"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://svn.kvirc.de/kvirc/changeset/4693"
},
{
"name": "[oss-security] 20100729 Re: CVE Request -- KVIrc -- Remote CTCP commands execution via specially-crafted CTCP parameter",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://marc.info/?l=oss-security\u0026m=128041011428629\u0026w=2"
},
{
"name": "SUSE-SR:2010:014",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-08/msg00001.html"
},
{
"name": "[oss-security] 20100728 CVE Request -- KVIrc -- Remote CTCP commands execution via specially-crafted CTCP parameter",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2010/07/28/1"
},
{
"name": "40727",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/40727"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://svn.kvirc.de/kvirc/ticket/858"
},
{
"name": "FEDORA-2010-11506",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-July/044625.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2010-2785",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The IRC Protocol component in KVIrc 3.x and 4.x before r4693 does not properly handle \\ (backslash) characters, which allows remote authenticated users to execute arbitrary CTCP commands via vectors involving \\r and \\40 sequences, a different vulnerability than CVE-2010-2451 and CVE-2010-2452."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://bugs.gentoo.org/show_bug.cgi?id=330111",
"refsource": "CONFIRM",
"url": "http://bugs.gentoo.org/show_bug.cgi?id=330111"
},
{
"name": "FEDORA-2010-11524",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-July/044643.html"
},
{
"name": "40796",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/40796"
},
{
"name": "66648",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/66648"
},
{
"name": "https://svn.kvirc.de/kvirc/changeset/4693",
"refsource": "CONFIRM",
"url": "https://svn.kvirc.de/kvirc/changeset/4693"
},
{
"name": "[oss-security] 20100729 Re: CVE Request -- KVIrc -- Remote CTCP commands execution via specially-crafted CTCP parameter",
"refsource": "MLIST",
"url": "http://marc.info/?l=oss-security\u0026m=128041011428629\u0026w=2"
},
{
"name": "SUSE-SR:2010:014",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-08/msg00001.html"
},
{
"name": "[oss-security] 20100728 CVE Request -- KVIrc -- Remote CTCP commands execution via specially-crafted CTCP parameter",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2010/07/28/1"
},
{
"name": "40727",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/40727"
},
{
"name": "https://svn.kvirc.de/kvirc/ticket/858",
"refsource": "CONFIRM",
"url": "https://svn.kvirc.de/kvirc/ticket/858"
},
{
"name": "FEDORA-2010-11506",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-July/044625.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2010-2785",
"datePublished": "2010-08-02T19:00:00",
"dateReserved": "2010-07-22T00:00:00",
"dateUpdated": "2024-08-07T02:46:48.031Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-2451 (GCVE-0-2010-2451)
Vulnerability from cvelistv5 – Published: 2010-06-29 18:00 – Updated: 2024-08-07 02:32
VLAI?
Summary
Multiple format string vulnerabilities in the DCC functionality in KVIrc 3.4 and 4.0 have unspecified impact and remote attack vectors.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T02:32:16.580Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "FEDORA-2010-10522",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-June/043601.html"
},
{
"name": "[KVIrc] 20100517 Proposal for a stable release of kvirc4",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.omnikron.net/pipermail/kvirc/2010-May/000867.html"
},
{
"name": "40746",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/40746"
},
{
"name": "ADV-2010-1602",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/1602"
},
{
"name": "FEDORA-2010-10529",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-June/043629.html"
},
{
"name": "DSA-2065",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2010/dsa-2065"
},
{
"name": "40349",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/40349"
},
{
"name": "SUSE-SR:2010:014",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-08/msg00001.html"
},
{
"name": "32410",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32410"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-05-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple format string vulnerabilities in the DCC functionality in KVIrc 3.4 and 4.0 have unspecified impact and remote attack vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2010-09-09T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "FEDORA-2010-10522",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-June/043601.html"
},
{
"name": "[KVIrc] 20100517 Proposal for a stable release of kvirc4",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.omnikron.net/pipermail/kvirc/2010-May/000867.html"
},
{
"name": "40746",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/40746"
},
{
"name": "ADV-2010-1602",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/1602"
},
{
"name": "FEDORA-2010-10529",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-June/043629.html"
},
{
"name": "DSA-2065",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2010/dsa-2065"
},
{
"name": "40349",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/40349"
},
{
"name": "SUSE-SR:2010:014",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-08/msg00001.html"
},
{
"name": "32410",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32410"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-2451",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple format string vulnerabilities in the DCC functionality in KVIrc 3.4 and 4.0 have unspecified impact and remote attack vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "FEDORA-2010-10522",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-June/043601.html"
},
{
"name": "[KVIrc] 20100517 Proposal for a stable release of kvirc4",
"refsource": "MLIST",
"url": "http://lists.omnikron.net/pipermail/kvirc/2010-May/000867.html"
},
{
"name": "40746",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/40746"
},
{
"name": "ADV-2010-1602",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/1602"
},
{
"name": "FEDORA-2010-10529",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-June/043629.html"
},
{
"name": "DSA-2065",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2010/dsa-2065"
},
{
"name": "40349",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/40349"
},
{
"name": "SUSE-SR:2010:014",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-08/msg00001.html"
},
{
"name": "32410",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32410"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-2451",
"datePublished": "2010-06-29T18:00:00",
"dateReserved": "2010-06-24T00:00:00",
"dateUpdated": "2024-08-07T02:32:16.580Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-2452 (GCVE-0-2010-2452)
Vulnerability from cvelistv5 – Published: 2010-06-29 18:00 – Updated: 2024-08-07 02:32
VLAI?
Summary
Directory traversal vulnerability in the DCC functionality in KVIrc 3.4 and 4.0 allows remote attackers to overwrite arbitrary files via unknown vectors.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T02:32:16.606Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "FEDORA-2010-10522",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-June/043601.html"
},
{
"name": "[KVIrc] 20100517 Proposal for a stable release of kvirc4",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.omnikron.net/pipermail/kvirc/2010-May/000867.html"
},
{
"name": "40746",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/40746"
},
{
"name": "ADV-2010-1602",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/1602"
},
{
"name": "FEDORA-2010-10529",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-June/043629.html"
},
{
"name": "DSA-2065",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2010/dsa-2065"
},
{
"name": "40349",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/40349"
},
{
"name": "SUSE-SR:2010:014",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-08/msg00001.html"
},
{
"name": "32410",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32410"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-05-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Directory traversal vulnerability in the DCC functionality in KVIrc 3.4 and 4.0 allows remote attackers to overwrite arbitrary files via unknown vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2010-09-09T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "FEDORA-2010-10522",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-June/043601.html"
},
{
"name": "[KVIrc] 20100517 Proposal for a stable release of kvirc4",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.omnikron.net/pipermail/kvirc/2010-May/000867.html"
},
{
"name": "40746",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/40746"
},
{
"name": "ADV-2010-1602",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/1602"
},
{
"name": "FEDORA-2010-10529",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-June/043629.html"
},
{
"name": "DSA-2065",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2010/dsa-2065"
},
{
"name": "40349",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/40349"
},
{
"name": "SUSE-SR:2010:014",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-08/msg00001.html"
},
{
"name": "32410",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32410"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-2452",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Directory traversal vulnerability in the DCC functionality in KVIrc 3.4 and 4.0 allows remote attackers to overwrite arbitrary files via unknown vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "FEDORA-2010-10522",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-June/043601.html"
},
{
"name": "[KVIrc] 20100517 Proposal for a stable release of kvirc4",
"refsource": "MLIST",
"url": "http://lists.omnikron.net/pipermail/kvirc/2010-May/000867.html"
},
{
"name": "40746",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/40746"
},
{
"name": "ADV-2010-1602",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/1602"
},
{
"name": "FEDORA-2010-10529",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-June/043629.html"
},
{
"name": "DSA-2065",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2010/dsa-2065"
},
{
"name": "40349",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/40349"
},
{
"name": "SUSE-SR:2010:014",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-08/msg00001.html"
},
{
"name": "32410",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32410"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-2452",
"datePublished": "2010-06-29T18:00:00",
"dateReserved": "2010-06-24T00:00:00",
"dateUpdated": "2024-08-07T02:32:16.606Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-7070 (GCVE-0-2008-7070)
Vulnerability from cvelistv5 – Published: 2009-08-25 10:00 – Updated: 2024-08-07 11:56
VLAI?
Summary
Argument injection vulnerability in the URI handler in KVIrc 3.4.2 Shiny allows remote attackers to execute arbitrary commands via a " (quote) followed by command line switches in a (1) irc:///, (2) irc6:///, (3) ircs:///, or (4) and ircs6:/// URI. NOTE: this might be due to an incomplete fix for CVE-2007-2951.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T11:56:13.568Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://retrogod.altervista.org/kvirc_342_cmd.html"
},
{
"name": "20081121 KVIrc 3.4.2 Shiny (uri handler) remote command execution exploit",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/498557/100/0/threaded"
},
{
"name": "7181",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/7181"
},
{
"name": "32410",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/32410"
},
{
"name": "32410",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32410"
},
{
"name": "kvirc-multiple-uri-command-execution(46779)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46779"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-11-21T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Argument injection vulnerability in the URI handler in KVIrc 3.4.2 Shiny allows remote attackers to execute arbitrary commands via a \" (quote) followed by command line switches in a (1) irc:///, (2) irc6:///, (3) ircs:///, or (4) and ircs6:/// URI. NOTE: this might be due to an incomplete fix for CVE-2007-2951."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-11T19:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://retrogod.altervista.org/kvirc_342_cmd.html"
},
{
"name": "20081121 KVIrc 3.4.2 Shiny (uri handler) remote command execution exploit",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/498557/100/0/threaded"
},
{
"name": "7181",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/7181"
},
{
"name": "32410",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/32410"
},
{
"name": "32410",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32410"
},
{
"name": "kvirc-multiple-uri-command-execution(46779)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46779"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-7070",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Argument injection vulnerability in the URI handler in KVIrc 3.4.2 Shiny allows remote attackers to execute arbitrary commands via a \" (quote) followed by command line switches in a (1) irc:///, (2) irc6:///, (3) ircs:///, or (4) and ircs6:/// URI. NOTE: this might be due to an incomplete fix for CVE-2007-2951."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://retrogod.altervista.org/kvirc_342_cmd.html",
"refsource": "MISC",
"url": "http://retrogod.altervista.org/kvirc_342_cmd.html"
},
{
"name": "20081121 KVIrc 3.4.2 Shiny (uri handler) remote command execution exploit",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/498557/100/0/threaded"
},
{
"name": "7181",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/7181"
},
{
"name": "32410",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/32410"
},
{
"name": "32410",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32410"
},
{
"name": "kvirc-multiple-uri-command-execution(46779)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46779"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-7070",
"datePublished": "2009-08-25T10:00:00",
"dateReserved": "2009-08-24T00:00:00",
"dateUpdated": "2024-08-07T11:56:13.568Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-4748 (GCVE-0-2008-4748)
Vulnerability from cvelistv5 – Published: 2008-10-27 19:00 – Updated: 2024-08-07 10:24
VLAI?
Summary
Format string vulnerability in the URI handler in KVirc 3.4.0, when set as the default application for processing IRC URIs, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via format string specifiers in the irc:// URI.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T10:24:21.033Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "6832",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/6832"
},
{
"name": "31912",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/31912"
},
{
"name": "kvirc-irc-format-string(46114)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46114"
},
{
"name": "4508",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/4508"
},
{
"name": "ADV-2008-2926",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/2926"
},
{
"name": "32410",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32410"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-10-24T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Format string vulnerability in the URI handler in KVirc 3.4.0, when set as the default application for processing IRC URIs, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via format string specifiers in the irc:// URI."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "6832",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/6832"
},
{
"name": "31912",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/31912"
},
{
"name": "kvirc-irc-format-string(46114)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46114"
},
{
"name": "4508",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/4508"
},
{
"name": "ADV-2008-2926",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/2926"
},
{
"name": "32410",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32410"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-4748",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Format string vulnerability in the URI handler in KVirc 3.4.0, when set as the default application for processing IRC URIs, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via format string specifiers in the irc:// URI."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "6832",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/6832"
},
{
"name": "31912",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/31912"
},
{
"name": "kvirc-irc-format-string(46114)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46114"
},
{
"name": "4508",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/4508"
},
{
"name": "ADV-2008-2926",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/2926"
},
{
"name": "32410",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32410"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-4748",
"datePublished": "2008-10-27T19:00:00",
"dateReserved": "2008-10-27T00:00:00",
"dateUpdated": "2024-08-07T10:24:21.033Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-2951 (GCVE-0-2007-2951)
Vulnerability from cvelistv5 – Published: 2007-06-26 18:00 – Updated: 2024-08-07 13:57
VLAI?
Summary
The parseIrcUrl function in src/kvirc/kernel/kvi_ircurl.cpp in KVIrc 3.2.0 allows user-assisted remote attackers to execute arbitrary commands via shell metacharacters in an (1) irc:// or (2) irc6:// URI.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T13:57:54.655Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://svn.kvirc.de/kvirc/changeset/630/#file3"
},
{
"name": "20070628 Secunia Research: KVIrc irc:// URI Handler Command ExecutionVulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/472441/100/0/threaded"
},
{
"name": "GLSA-200709-02",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200709-02.xml"
},
{
"name": "kvirc-parseircurl-command-execution(35087)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35087"
},
{
"name": "26813",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26813"
},
{
"name": "ADV-2007-2334",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/2334"
},
{
"name": "37604",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/37604"
},
{
"name": "24652",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/24652"
},
{
"name": "SUSE-SR:2007:015",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2007_15_sr.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://secunia.com/secunia_research/2007-56/advisory/"
},
{
"name": "25740",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25740"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-06-26T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The parseIrcUrl function in src/kvirc/kernel/kvi_ircurl.cpp in KVIrc 3.2.0 allows user-assisted remote attackers to execute arbitrary commands via shell metacharacters in an (1) irc:// or (2) irc6:// URI."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-16T14:57:01",
"orgId": "44d08088-2bea-4760-83a6-1e9be26b15ab",
"shortName": "flexera"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://svn.kvirc.de/kvirc/changeset/630/#file3"
},
{
"name": "20070628 Secunia Research: KVIrc irc:// URI Handler Command ExecutionVulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/472441/100/0/threaded"
},
{
"name": "GLSA-200709-02",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200709-02.xml"
},
{
"name": "kvirc-parseircurl-command-execution(35087)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35087"
},
{
"name": "26813",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26813"
},
{
"name": "ADV-2007-2334",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/2334"
},
{
"name": "37604",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/37604"
},
{
"name": "24652",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/24652"
},
{
"name": "SUSE-SR:2007:015",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2007_15_sr.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://secunia.com/secunia_research/2007-56/advisory/"
},
{
"name": "25740",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25740"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "PSIRT-CNA@flexerasoftware.com",
"ID": "CVE-2007-2951",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The parseIrcUrl function in src/kvirc/kernel/kvi_ircurl.cpp in KVIrc 3.2.0 allows user-assisted remote attackers to execute arbitrary commands via shell metacharacters in an (1) irc:// or (2) irc6:// URI."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://svn.kvirc.de/kvirc/changeset/630/#file3",
"refsource": "CONFIRM",
"url": "https://svn.kvirc.de/kvirc/changeset/630/#file3"
},
{
"name": "20070628 Secunia Research: KVIrc irc:// URI Handler Command ExecutionVulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/472441/100/0/threaded"
},
{
"name": "GLSA-200709-02",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200709-02.xml"
},
{
"name": "kvirc-parseircurl-command-execution(35087)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35087"
},
{
"name": "26813",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26813"
},
{
"name": "ADV-2007-2334",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/2334"
},
{
"name": "37604",
"refsource": "OSVDB",
"url": "http://osvdb.org/37604"
},
{
"name": "24652",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/24652"
},
{
"name": "SUSE-SR:2007:015",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2007_15_sr.html"
},
{
"name": "http://secunia.com/secunia_research/2007-56/advisory/",
"refsource": "MISC",
"url": "http://secunia.com/secunia_research/2007-56/advisory/"
},
{
"name": "25740",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25740"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "44d08088-2bea-4760-83a6-1e9be26b15ab",
"assignerShortName": "flexera",
"cveId": "CVE-2007-2951",
"datePublished": "2007-06-26T18:00:00",
"dateReserved": "2007-05-31T00:00:00",
"dateUpdated": "2024-08-07T13:57:54.655Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-1999-1351 (GCVE-0-1999-1351)
Vulnerability from cvelistv5 – Published: 2002-03-09 05:00 – Updated: 2024-08-01 17:11
VLAI?
Summary
Directory traversal vulnerability in KVIrc IRC client 0.9.0 with the "Listen to !nick <soundname> requests" option enabled allows remote attackers to read arbitrary files via a .. (dot dot) in a DCC GET request.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T17:11:02.977Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "kvirc-dot-directory-traversal(7761)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/7761.php"
},
{
"name": "19990924 Kvirc bug",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=93845560631314\u0026w=2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "1999-09-24T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Directory traversal vulnerability in KVIrc IRC client 0.9.0 with the \"Listen to !nick \u003csoundname\u003e requests\" option enabled allows remote attackers to read arbitrary files via a .. (dot dot) in a DCC GET request."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2002-02-18T00:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "kvirc-dot-directory-traversal(7761)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/7761.php"
},
{
"name": "19990924 Kvirc bug",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=93845560631314\u0026w=2"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-1351",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Directory traversal vulnerability in KVIrc IRC client 0.9.0 with the \"Listen to !nick \u003csoundname\u003e requests\" option enabled allows remote attackers to read arbitrary files via a .. (dot dot) in a DCC GET request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "kvirc-dot-directory-traversal(7761)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/7761.php"
},
{
"name": "19990924 Kvirc bug",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=93845560631314\u0026w=2"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-1999-1351",
"datePublished": "2002-03-09T05:00:00",
"dateReserved": "2001-08-31T00:00:00",
"dateUpdated": "2024-08-01T17:11:02.977Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}