KVIrc DCC Directory Traversal and Multiple Format String Vulnerabilities

KVIrc is prone to a directory-traversal and multiple remote format-string vulnerabilities because it fails to properly sanitize user-supplied input.

An attacker may exploit these issues to overwrite arbitrary local files or to execute arbitrary code in the context of the vulnerable application. Failed exploit attempts will result in a denial-of-service condition. Other attacks may also be possible, including data loss or corruption.


 

Privacy Statement
Copyright 2010, SecurityFocus