← Back

Kvirc

kvirc

Vendor: Kvirc • 5 CVEs

CVEs (5)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2010-2785
1Kvirc
1Kvirc
Apr 29, 2026
Aug 2, 2010
N/A· v4
N/A· v3
6.5 MEDIUM· v2
The IRC Protocol component in KVIrc 3.x and 4.x before r4693 does not properly handle \ (backslash) characters, which allows remote authenticated users to execute arbitrary CTCP commands via vectors involving \r and \40...Show more
The IRC Protocol component in KVIrc 3.x and 4.x before r4693 does not properly handle \ (backslash) characters, which allows remote authenticated users to execute arbitrary CTCP commands via vectors involving \r and \40 sequences, a different vulnerability than CVE-2010-2451 and CVE-2010-2452.Show less
CVE-2010-2452
1Kvirc
1Kvirc
Apr 29, 2026
Jun 29, 2010
N/A· v4
N/A· v3
9.3 HIGH· v2
Directory traversal vulnerability in the DCC functionality in KVIrc 3.4 and 4.0 allows remote attackers to overwrite arbitrary files via unknown vectors.
CVE-2010-2451
1Kvirc
1Kvirc
Apr 29, 2026
Jun 29, 2010
N/A· v4
N/A· v3
10.0 HIGH· v2
Multiple format string vulnerabilities in the DCC functionality in KVIrc 3.4 and 4.0 have unspecified impact and remote attack vectors.
CVE-2008-7070
1Kvirc
1Kvirc
Apr 23, 2026
Aug 25, 2009
N/A· v4
N/A· v3
9.3 HIGH· v2
Argument injection vulnerability in the URI handler in KVIrc 3.4.2 Shiny allows remote attackers to execute arbitrary commands via a " (quote) followed by command line switches in a (1) irc:///, (2) irc6:///, (3) ircs://...Show more
Argument injection vulnerability in the URI handler in KVIrc 3.4.2 Shiny allows remote attackers to execute arbitrary commands via a " (quote) followed by command line switches in a (1) irc:///, (2) irc6:///, (3) ircs:///, or (4) and ircs6:/// URI. NOTE: this might be due to an incomplete fix for CVE-2007-2951.Show less
CVE-2008-4748
1Kvirc
1Kvirc
Apr 23, 2026
Oct 27, 2008
N/A· v4
N/A· v3
7.6 HIGH· v2
Format string vulnerability in the URI handler in KVirc 3.4.0, when set as the default application for processing IRC URIs, allows remote attackers to cause a denial of service (application crash) and possibly execute ar...Show more
Format string vulnerability in the URI handler in KVirc 3.4.0, when set as the default application for processing IRC URIs, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via format string specifiers in the irc:// URI.Show less