CVE-2010-2452

KVIrc 3.4 and 4.0 - Path Traversal via DCC Functionality

Title source: llm
STIX 2.1

Description

Directory traversal vulnerability in the DCC functionality in KVIrc 3.4 and 4.0 allows remote attackers to overwrite arbitrary files via unknown vectors.

References (9)

Core 9
Core References
Various Sources mailing-list x_refsource_mlist
http://lists.omnikron.net/pipermail/kvirc/2010-May/000867.html
Patch vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/40746
Vendor Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2010/1602
Patch vendor-advisory x_refsource_debian
http://www.debian.org/security/2010/dsa-2065
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/40349
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/32410
Mailing List, Third Party Advisory vendor-advisory x_refsource_fedora
http://lists.fedoraproject.org/pipermail/package-announce/2010-June/043601.html
Mailing List, Third Party Advisory vendor-advisory x_refsource_fedora
http://lists.fedoraproject.org/pipermail/package-announce/2010-June/043629.html

Scores

EPSS 0.0405
EPSS Percentile 89.4%

Details

CWE
CWE-22
Status published
Products (2)
kvirc/kvirc 3.4.0
kvirc/kvirc 4.0
Published Jun 29, 2010
Tracked Since Feb 18, 2026