ID CVE-2007-2951
Summary The parseIrcUrl function in src/kvirc/kernel/kvi_ircurl.cpp in KVIrc 3.2.0 allows user-assisted remote attackers to execute arbitrary commands via shell metacharacters in an (1) irc:// or (2) irc6:// URI.
References
Vulnerable Configurations
  • cpe:2.3:a:kvirc:irc_client:3.2.0
    cpe:2.3:a:kvirc:irc_client:3.2.0
CVSS
Base: 9.3 (as of 27-06-2007 - 12:22)
Impact:
Exploitability:
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
nessus via4
  • NASL family Gentoo Local Security Checks
    NASL id GENTOO_GLSA-200709-02.NASL
    description The remote host is affected by the vulnerability described in GLSA-200709-02 (KVIrc: Remote arbitrary code execution) Stefan Cornelius from Secunia Research discovered that the 'parseIrcUrl()' function in file src/kvirc/kernel/kvi_ircurl.cpp does not properly sanitise parts of the URI when building the command for KVIrc's internal script system. Impact : A remote attacker could entice a user to open a specially crafted irc:// URI, possibly leading to the remote execution of arbitrary code with the privileges of the user running KVIrc. Successful exploitation requires that KVIrc is registered as the default handler for irc:// or similar URIs. Workaround : There is no known workaround at this time.
    last seen 2019-02-21
    modified 2018-08-10
    plugin id 26042
    published 2007-09-14
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=26042
    title GLSA-200709-02 : KVIrc: Remote arbitrary code execution
  • NASL family SuSE Local Security Checks
    NASL id SUSE_KVIRC-3953.NASL
    description A bug in the IRC-URI parser allowed attackers to execute arbitrary commands by tricking a user into opening a specially crafted URI in kvirc (CVE-2007-2951).
    last seen 2019-02-21
    modified 2018-07-19
    plugin id 27315
    published 2007-10-17
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=27315
    title openSUSE 10 Security Update : kvirc (kvirc-3953)
refmap via4
bid 24652
bugtraq 20070628 Secunia Research: KVIrc irc:// URI Handler Command ExecutionVulnerability
confirm https://svn.kvirc.de/kvirc/changeset/630/#file3
gentoo GLSA-200709-02
misc http://secunia.com/secunia_research/2007-56/advisory/
osvdb 37604
secunia
  • 25740
  • 26813
suse SUSE-SR:2007:015
vupen ADV-2007-2334
xf kvirc-parseircurl-command-execution(35087)
Last major update 30-10-2012 - 22:36
Published 26-06-2007 - 14:30
Last modified 16-10-2018 - 12:46
Back to Top