2 matches found
CVE-2007-2951
CVE-2007-2951 affects KVIrc 3.2.0 where parseIrcUrl in src/kvirc/kernel/kvi_ircurl.cpp fails to sanitize URI components, allowing user-assisted remote command execution via irc:// and irc6:// URIs. Connected advisories (GLSA 200709-02 and related OSS/openSUSE/Nessus entries) confirm the root caus...
CVE-1999-1351
CVE-1999-1351 describes a directory traversal flaw in the KVIrc IRC client (version 0.9.0) when the “Listen to !nick requests” option is enabled. An attacker can read arbitrary files by injecting ‘..’ in a DCC GET request. The vulnerability is rooted in improper path handling during DCC GET proc...