FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

kvirc -- multiple vulnerabilities

Affected packages
kvirc < 4.0.0
kvirc-devel < 4.0.0

Details

VuXML ID 8685d412-8468-11df-8d45-001d7d9eb79a
Discovery 2010-05-17
Entry 2010-06-30

Two security vulnerabilities have been discovered:

Multiple format string vulnerabilities in the DCC functionality in KVIrc 3.4 and 4.0 have unspecified impact and remote attack vectors.

[source]

Directory traversal vulnerability in the DCC functionality in KVIrc 3.4 and 4.0 allows remote attackers to overwrite arbitrary files via unknown vectors.

[source]

References

CVE Name CVE-2010-2451
CVE Name CVE-2010-2452
URL http://lists.omnikron.net/pipermail/kvirc/2010-May/000867.html

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.