Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2007-2951HistoryJun 26, 2007 - 6:30 p.m.
CVE-2007-2951
2007-06-2618:30:00
Debian Security Bug Tracker
security-tracker.debian.org
9
9.3 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.016 Low
EPSS
Percentile
87.6%
The parseIrcUrl function in src/kvirc/kernel/kvi_ircurl.cpp in KVIrc 3.2.0 allows user-assisted remote attackers to execute arbitrary commands via shell metacharacters in an (1) irc:// or (2) irc6:// URI.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | kvirc | <Β 2:3.2.4-5 | kvirc_2:3.2.4-5_all.deb |
| Debian | 11 | all | kvirc | <Β 2:3.2.4-5 | kvirc_2:3.2.4-5_all.deb |
| Debian | 999 | all | kvirc | <Β 2:3.2.4-5 | kvirc_2:3.2.4-5_all.deb |
| Debian | 13 | all | kvirc | <Β 2:3.2.4-5 | kvirc_2:3.2.4-5_all.deb |
Related
securityvulns
securityvulns
[Full-disclosure] Secunia Research: KVIrc irc:// URI Handler Command Execution Vulnerability
2007-06-28 00:00:00
KVIrc IRC client buffer overflow
2007-06-28 00:00:00
openvas
openvas
Gentoo Security Advisory GLSA 200709-02 (kvirc)
2008-09-24 00:00:00
Gentoo Security Advisory GLSA 200709-02 (kvirc)
2008-09-24 00:00:00
nessus
nessus
GLSA-200709-02 : KVIrc: Remote arbitrary code execution
2007-09-14 00:00:00
openSUSE 10 Security Update : kvirc (kvirc-3953)
2007-10-17 00:00:00
nvd
nvd
CVE-2007-2951
2007-06-26 18:30:00
CVE-2008-7070
2009-08-25 10:30:00
ubuntucve
ubuntucve
CVE-2007-2951
2007-06-26 00:00:00
CVE-2008-7070
2009-08-25 00:00:00
cvelist
cvelist
CVE-2007-2951
2007-06-26 18:00:00
CVE-2008-7070
2009-08-25 10:00:00
gentoo
gentoo
KVIrc: Remote arbitrary code execution
2007-09-13 00:00:00
seebug
seebug
KVIrc irc:// URIε€ηε¨θΏη¨ε½δ»€ζ³¨ε
₯ζΌζ΄
2007-06-29 00:00:00
cve
cve
CVE-2007-2951
2007-06-26 18:30:00
CVE-2008-7070
2009-08-25 10:30:00
prion
prion
Code injection
2007-06-26 18:30:00
Design/Logic Flaw
2009-08-25 10:30:00
debiancve
debiancve
CVE-2008-7070
2009-08-25 10:30:00
9.3 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.016 Low
EPSS
Percentile
87.6%
Related for DEBIANCVE:CVE-2007-2951