Published: 29/06/2010 Updated: 06/11/2012

CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10

VMScore: 890

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Multiple format string vulnerabilities in the DCC functionality in KVIrc 3.4 and 4.0 have unspecified impact and remote attack vectors.

Vulnerable Product	Search on Vulmon	Subscribe to Product
kvirc kvirc 3.4.0
kvirc kvirc 4.0

Two security issues have been discovered in the DCC protocol support code of kvirc, a KDE-based next generation IRC client, which allow the overwriting of local files through directory traversal and the execution of arbitrary code through a format string attack For the stable distribution (lenny), these problems have been fixed in version 340-5 ...

CWE-134 http://www.vupen.com/english/advisories/2010/1602 http://lists.omnikron.net/pipermail/kvirc/2010-May/000867.html http://secunia.com/advisories/40349 http://secunia.com/advisories/32410 http://www.debian.org/security/2010/dsa-2065 http://www.securityfocus.com/bid/40746 http://lists.opensuse.org/opensuse-security-announce/2010-08/msg00001.html http://lists.fedoraproject.org/pipermail/package-announce/2010-June/043629.html http://lists.fedoraproject.org/pipermail/package-announce/2010-June/043601.html https://nvd.nist.gov https://www.debian.org/security/./dsa-2065

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2010-2451

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect