Vulnerability Database

290,020

Total vulnerabilities in the database

CVE-2008-7070

Argument injection vulnerability in the URI handler in KVIrc 3.4.2 Shiny allows remote attackers to execute arbitrary commands via a " (quote) followed by command line switches in a (1) irc:///, (2) irc6:///, (3) ircs:///, or (4) and ircs6:/// URI. NOTE: this might be due to an incomplete fix for CVE-2007-2951.

  • Published: Aug 25, 2009
  • Updated: Apr 13, 2023
  • CVE: CVE-2008-7070
  • Severity: High
  • Exploit:

CVSS v2:

  • Severity: High
  • Score: 9.3
  • AV:N/AC:M/Au:N/C:C/I:C/A:C

CWEs:

Software From Fixed in
kvirc / kvirc 3.4.2 3.4.2.x