CVE-2008-4748

Published: Oct 27, 2008Modified: Apr 23, 2026

7.6

Vector

AV:N/AC:H/Au:N/C:C/I:C/A:C

Exploitability: 4.9 / Impact: 10.0

Source: NVD

Description

Format string vulnerability in the URI handler in KVirc 3.4.0, when set as the default application for processing IRC URIs, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via format string specifiers in the irc:// URI.

Affected (1)

Products: Kvirc: Kvirc

1 product

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Kvirc Kvirc	Version 3.4.0

Related CWEs

Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

References (12)

http://secunia.com/advisories/32410

Source: cve@mitre.org

Vendor Advisory

http://securityreason.com/securityalert/4508

Source: cve@mitre.org

http://www.securityfocus.com/bid/31912

Source: cve@mitre.org

http://www.vupen.com/english/advisories/2008/2926

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/46114

Source: cve@mitre.org

https://www.exploit-db.com/exploits/6832

Source: cve@mitre.org

http://secunia.com/advisories/32410

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://securityreason.com/securityalert/4508

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/31912

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.vupen.com/english/advisories/2008/2926

Source: af854a3a-2127-422b-91ae-364da2661108

https://exchange.xforce.ibmcloud.com/vulnerabilities/46114

Source: af854a3a-2127-422b-91ae-364da2661108

https://www.exploit-db.com/exploits/6832

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.