Directory traversal vulnerability in the DCC functionality in KVIrc 3.4 and 4.0 allows remote attackers to overwrite arbitrary files via unknown vectors.
oryginał ENCVSS Vector
AV:N/AC:M/Au:N/C:C/I:C/A:CKvirc
APPKvirc3.4.04.0
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
Tagi
Path Traversal
CWE
Referencje
Powiązane podatności
CVE-2010-2451HIGH10.0ten sam produkt
Multiple format string vulnerabilities in the DCC functionality in KVIrc 3.4 and 4.0 have unspecified impact a...
CVE-2008-7070HIGH9.3ten sam produkt
Argument injection vulnerability in the URI handler in KVIrc 3.4.2 Shiny allows remote attackers to execute ar...
CVE-2008-4748HIGH7.6ten sam produkt
Format string vulnerability in the URI handler in KVirc 3.4.0, when set as the default application for process...
CVE-2010-2785MEDIUM6.5ten sam produkt
The IRC Protocol component in KVIrc 3.x and 4.x before r4693 does not properly handle \ (backslash) characters...
CVE-2007-2951HIGH9.3ten sam vendor
The parseIrcUrl function in src/kvirc/kernel/kvi_ircurl.cpp in KVIrc 3.2.0 allows user-assisted remote attacke...