Lucene search
K

6 matches found

Prion
Prion
added 2009/08/25 10:30 a.m.18 views

Design/Logic Flaw

Argument injection vulnerability in the URI handler in KVIrc 3.4.2 Shiny allows remote attackers to execute arbitrary commands via a " quote followed by command line switches in a 1 irc:///, 2 irc6:///, 3 ircs:///, or 4 and ircs6:/// URI. NOTE: this might be due to an incomplete fix for...

9.3CVSS8AI score0.0505EPSS
Exploits2References6Affected Software1
OpenVAS
OpenVAS
added 2008/09/24 12:0 a.m.22 views

Gentoo Security Advisory GLSA 200709-02 (kvirc)

The remote host is missing updates announced in advisory GLSA 200709-02. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...

9.3CVSS0.5AI score0.03197EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2007/10/17 12:0 a.m.25 views

openSUSE 10 Security Update : kvirc (kvirc-3953)

A bug in the IRC-URI parser allowed attackers to execute arbitrary commands by tricking a user into opening a specially crafted URI in kvirc CVE-2007-2951. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE...

9.3CVSS5.6AI score0.03197EPSS
Exploits1References1
seebug.org
seebug.org
added 2007/06/29 12:0 a.m.26 views

KVIrc irc:// URI处理器远程命令注入漏洞

BUGTRAQ ID: 24652 CVECAN ID: CVE-2007-2951 KVIrc是一款免费的可移植IRC客户端。 KVIrc客户端在处理“irc://”协议串时存在漏洞,远程攻击者可能利用此漏洞在用户机器上执行命令。 KVIrc客户端的src/kvirc/kernel/kviircurl.cpp文件中的parseIrcUrl函数在为KVIrc的内部脚本系统构建命令时没有正确过滤部分URI,如果用户受骗打开了特制的irc://或类似的URI(如irc6://)的话,就会导致注入并执行KVIrc脚本系统命令。成功攻击要求KVIrc是irc://或类似URI的默认处理器。...

9.3CVSS0.6AI score0.03197EPSS
Exploits1
securityvulns
securityvulns
added 2007/06/28 12:0 a.m.52 views

[Full-disclosure] Secunia Research: KVIrc irc:// URI Handler Command Execution Vulnerability

====================================================================== Secunia Research 26/06/2007 - KVIrc irc:// URI Handler Command Execution Vulnerability - ====================================================================== Table of Contents Affected...

9.3CVSS1AI score0.03197EPSS
Exploits1
NVD
NVD
added 2007/06/26 6:30 p.m.20 views

CVE-2007-2951

The parseIrcUrl function in src/kvirc/kernel/kviircurl.cpp in KVIrc 3.2.0 allows user-assisted remote attackers to execute arbitrary commands via shell metacharacters in an 1 irc:// or 2 irc6:// URI...

9.3CVSS7.4AI score0.03197EPSS
Exploits1References11
Rows per page
Query Builder