CVE-2007-2951

Related Files

Gentoo Linux Security Advisory 200709-2

Posted Sep 13, 2007

Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200709-02 - Stefan Cornelius from Secunia Research discovered that the parseIrcUrl() function in file src/kvirc/kernel/kvi_ircurl.cpp does not properly sanitise parts of the URI when building the command for KVIrc's internal script system. Versions less than 3.2.6_pre20070714 are affected.

tags | advisory, kernel

systems | linux, gentoo

advisories | CVE-2007-2951

SHA-256 | 90d4937d305e3af40aa7ae6c9d542bb105c2c3b6bdb32ff4be1d2d3fe479490d

Download | Favorite | View

secunia-kvirc.txt

Posted Jun 29, 2007

Authored by Stefan Cornelius | Site secunia.com

Secunia Research has discovered a vulnerability in KVIrc, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to the "parseIrcUrl()" function in src/kvirc/kernel/kvi_ircurl.cpp not properly sanitizing parts of the URI when building the command for KVIrc's internal script system. KVIrc version 3.2.0 is affected.

tags | advisory, kernel

advisories | CVE-2007-2951

SHA-256 | 187e48b0153904c34ee74cfe316558697a18e2cf35a81db6048183a191cc5df2

Download | Favorite | View