The parseIrcUrl function in src/kvirc/kernel/kvi_ircurl.cpp in KVIrc 3.2.0 allows user-assisted remote malicious users to execute arbitrary commands via shell metacharacters in an (1) irc:// or (2) irc6:// URI.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
kvirc irc client 3.2.0 |