Lucene search

[email protected]CVE-2007-2951

HistoryJun 26, 2007 - 6:30 p.m.

CVE-2007-2951

2007-06-2618:30:00

[email protected]

web.nvd.nist.gov

cve

kvirc

remote execution

shell metacharacters

irc protocol

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.3 High

AI Score

Confidence

Low

0.016 Low

EPSS

Percentile

87.6%

JSON

The parseIrcUrl function in src/kvirc/kernel/kvi_ircurl.cpp in KVIrc 3.2.0 allows user-assisted remote attackers to execute arbitrary commands via shell metacharacters in an (1) irc:// or (2) irc6:// URI.

Affected configurations

NVD

Node

kvircirc_clientMatch3.2.0

CPENameOperatorVersion
kvirc:irc_clientkvirc irc clienteq3.2.0

CPE	Name	Operator	Version
kvirc:irc_client	kvirc irc client	eq	3.2.0

References

osvdb.org/37604

secunia.com/advisories/25740

secunia.com/advisories/26813

secunia.com/secunia_research/2007-56/advisory/

security.gentoo.org/glsa/glsa-200709-02.xml

www.novell.com/linux/security/advisories/2007_15_sr.html

www.securityfocus.com/archive/1/472441/100/0/threaded

www.securityfocus.com/bid/24652

www.vupen.com/english/advisories/2007/2334

exchange.xforce.ibmcloud.com/vulnerabilities/35087

svn.kvirc.de/kvirc/changeset/630/#file3

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.3 High

AI Score

Confidence

Low

0.016 Low

EPSS

Percentile

87.6%

JSON

Related for CVE-2007-2951

nessus2 prion2 openvas2 securityvulns2 ubuntucve2 nvd2 debiancve2 cvelist2 gentoo1 seebug1 cve1