Lucene search
PRIOn knowledge basePRION:CVE-2007-2951HistoryJun 26, 2007 - 6:30 p.m.
Code injection
2007-06-2618:30:00
PRIOn knowledge base
www.prio-n.com
The parseIrcUrl function in src/kvirc/kernel/kvi_ircurl.cpp in KVIrc 3.2.0 allows user-assisted remote attackers to execute arbitrary commands via shell metacharacters in an (1) irc:// or (2) irc6:// URI.
| CPE | Name | Operator | Version |
|---|---|---|---|
| irc_client | eq | 3.2.0 |
References
osvdb.org/37604
secunia.com/advisories/25740
secunia.com/advisories/26813
secunia.com/secunia_research/2007-56/advisory/
security.gentoo.org/glsa/glsa-200709-02.xml
www.novell.com/linux/security/advisories/2007_15_sr.html
www.securityfocus.com/archive/1/472441/100/0/threaded
www.securityfocus.com/bid/24652
www.vupen.com/english/advisories/2007/2334
exchange.xforce.ibmcloud.com/vulnerabilities/35087
svn.kvirc.de/kvirc/changeset/630/
Related
nessus
nessus
openSUSE 10 Security Update : kvirc (kvirc-3953)
2007-10-17 00:00:00
GLSA-200709-02 : KVIrc: Remote arbitrary code execution
2007-09-14 00:00:00
securityvulns
securityvulns
[Full-disclosure] Secunia Research: KVIrc irc:// URI Handler Command Execution Vulnerability
2007-06-28 00:00:00
KVIrc IRC client buffer overflow
2007-06-28 00:00:00
openvas
openvas
Gentoo Security Advisory GLSA 200709-02 (kvirc)
2008-09-24 00:00:00
Gentoo Security Advisory GLSA 200709-02 (kvirc)
2008-09-24 00:00:00
nvd
nvd
CVE-2007-2951
2007-06-26 18:30:00
CVE-2008-7070
2009-08-25 10:30:00
debiancve
debiancve
CVE-2007-2951
2007-06-26 18:30:00
CVE-2008-7070
2009-08-25 10:30:00
ubuntucve
ubuntucve
CVE-2007-2951
2007-06-26 00:00:00
CVE-2008-7070
2009-08-25 00:00:00
cvelist
cvelist
CVE-2007-2951
2007-06-26 18:00:00
CVE-2008-7070
2009-08-25 10:00:00
gentoo
gentoo
KVIrc: Remote arbitrary code execution
2007-09-13 00:00:00
seebug
seebug
KVIrc irc:// URI处理器远程命令注入漏洞
2007-06-29 00:00:00
cve
cve
CVE-2007-2951
2007-06-26 18:30:00
CVE-2008-7070
2009-08-25 10:30:00
prion
prion
Design/Logic Flaw
2009-08-25 10:30:00