Two security issues have been discovered in the DCC protocol support
code of kvirc, a KDE-based next generation IRC client, which allow
the overwriting of local files through directory traversal and the
execution of arbitrary code through a format string attack
For the stable distribution (lenny), these problems have been fixed in
version 340-5 ...