MEDIUM🇵🇱 Wersja polska

CVE-1999-1351

CVSS 5.0v2.0pub. 1999-09-24upd. 2026-04-16

Directory traversal vulnerability in KVIrc IRC client 0.9.0 with the "Listen to !nick <soundname> requests" option enabled allows remote attackers to read arbitrary files via a .. (dot dot) in a DCC GET request.

CVSS Vector
AV:N/AC:L/Au:N/C:P/I:N/A:N
  • Kvirc Irc Client

    APP
    Kvirc
    0.9.0
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
Path Traversal
CWE
References

Related vulnerabilities

CVE-2007-2951HIGH9.3ten sam produkt

The parseIrcUrl function in src/kvirc/kernel/kvi_ircurl.cpp in KVIrc 3.2.0 allows user-assisted remote attacke...

CVE-2010-2451HIGH10.0ten sam vendor

Multiple format string vulnerabilities in the DCC functionality in KVIrc 3.4 and 4.0 have unspecified impact a...

CVE-2010-2452HIGH9.3ten sam vendor

Directory traversal vulnerability in the DCC functionality in KVIrc 3.4 and 4.0 allows remote attackers to ove...

CVE-2008-7070HIGH9.3ten sam vendor

Argument injection vulnerability in the URI handler in KVIrc 3.4.2 Shiny allows remote attackers to execute ar...

CVE-2008-4748HIGH7.6ten sam vendor

Format string vulnerability in the URI handler in KVirc 3.4.0, when set as the default application for process...