Lucene search

MitreCVE-2010-2452

HistoryJun 29, 2010 - 6:30 p.m.

CVE-2010-2452

2010-06-2918:30:01

CWE-22

mitre

web.nvd.nist.gov

kvirc

cve-2010-2452

directory traversal

remote attackers

file overwrite

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

6.5

Confidence

Low

EPSS

0.018

Percentile

88.1%

JSON

Directory traversal vulnerability in the DCC functionality in KVIrc 3.4 and 4.0 allows remote attackers to overwrite arbitrary files via unknown vectors.

Affected configurations

Nvd

Node

kvirckvircMatch3.4.0

kvirckvircMatch4.0

VendorProductVersionCPE
kvirckvirc3.4.0cpe:2.3:a:kvirc:kvirc:3.4.0:*:*:*:*:*:*:*
kvirckvirc4.0cpe:2.3:a:kvirc:kvirc:4.0:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
kvirc	kvirc	3.4.0	cpe:2.3:a:kvirc:kvirc:3.4.0:::::::*
kvirc	kvirc	4.0	cpe:2.3:a:kvirc:kvirc:4.0:::::::*

References

lists.fedoraproject.org/pipermail/package-announce/2010-June/043601.html

lists.fedoraproject.org/pipermail/package-announce/2010-June/043629.html

lists.omnikron.net/pipermail/kvirc/2010-May/000867.html

lists.opensuse.org/opensuse-security-announce/2010-08/msg00001.html

secunia.com/advisories/32410

secunia.com/advisories/40349

www.debian.org/security/2010/dsa-2065

www.securityfocus.com/bid/40746

www.vupen.com/english/advisories/2010/1602

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

6.5

Confidence

Low

EPSS

0.018

Percentile

88.1%

JSON

Related for CVE-2010-2452