Lucene search

[email protected]CVE-2008-4748

HistoryOct 27, 2008 - 8:00 p.m.

CVE-2008-4748

2008-10-2720:00:01

CWE-20

[email protected]

web.nvd.nist.gov

cve-2008-4748

kvirc

format string vulnerability

uri handler

denial of service

remote code execution

7.6 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:H/Au:N/C:C/I:C/A:C

7.7 High

AI Score

Confidence

High

0.084 Low

EPSS

Percentile

94.5%

JSON

Format string vulnerability in the URI handler in KVirc 3.4.0, when set as the default application for processing IRC URIs, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via format string specifiers in the irc:// URI.

Affected configurations

NVD

Node

kvirckvircMatch3.4.0

CPENameOperatorVersion
kvirc:kvirckvirceq3.4.0

CPE	Name	Operator	Version
kvirc:kvirc	kvirc	eq	3.4.0

References

secunia.com/advisories/32410

securityreason.com/securityalert/4508

www.securityfocus.com/bid/31912

www.vupen.com/english/advisories/2008/2926

exchange.xforce.ibmcloud.com/vulnerabilities/46114

www.exploit-db.com/exploits/6832

7.6 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:H/Au:N/C:C/I:C/A:C

7.7 High

AI Score

Confidence

High

0.084 Low

EPSS

Percentile

94.5%

JSON

Related for CVE-2008-4748

zeroscience1 ubuntucve1 prion1 nvd1 cvelist1 debiancve1