kvirc
Page content
- Author: vmiklos
- Vulnerable: 3.2.0-2
- Unaffected: 3.2.5-1terminus1
Secunia Research has discovered a vulnerability in KVIrc, which can be exploited by malicious people to compromise a user’s system. The vulnerability is caused due to the “parseIrcUrl()” function in src/kvirc/kernel/kvi_ircurl.cpp not properly sanitising parts of the URI when building the command for KVIrc’s internal script system. This can be exploited to inject and execute commands for the KVIrc script system (including the “run” command, which can be leveraged to execute shell commands) by e.g. tricking a user into opening a malicious “irc://” (or similar URI like “irc6://”) URI. Successful exploitation requires that KVIrc is the default handler for “irc://” or similar URIs.
- Bug Tracker URL: http://bugs.frugalware.org/task/2214