Directory traversal vulnerability in KVIrc IRC client 0.9.0 with the "Listen to !nick <soundname> requests" option enabled allows remote attackers to read arbitrary files via a .. (dot dot) in a DCC GET request.
AV:N/AC:L/Au:N/C:P/I:N/A:NKvirc Irc Client
APPKvirc0.9.0
Related vulnerabilities
The parseIrcUrl function in src/kvirc/kernel/kvi_ircurl.cpp in KVIrc 3.2.0 allows user-assisted remote attacke...
Multiple format string vulnerabilities in the DCC functionality in KVIrc 3.4 and 4.0 have unspecified impact a...
Directory traversal vulnerability in the DCC functionality in KVIrc 3.4 and 4.0 allows remote attackers to ove...
Argument injection vulnerability in the URI handler in KVIrc 3.4.2 Shiny allows remote attackers to execute ar...
Format string vulnerability in the URI handler in KVirc 3.4.0, when set as the default application for process...