CVE-2010-2785 | Date: (C)2010-08-02 (M)2023-12-22 |
The IRC Protocol component in KVIrc 3.x and 4.x before r4693 does not properly handle (backslash) characters, which allows remote authenticated users to execute arbitrary CTCP commands via vectors involving
and 40 sequences, a different vulnerability than CVE-2010-2451 and CVE-2010-2452.
CVSS Score and Metrics +CVSS Score and Metrics -CVSS V2 Severity: |
CVSS Score : 6.5 |
Exploit Score: 8.0 |
Impact Score: 6.4 |
|
CVSS V2 Metrics: |
Access Vector: NETWORK |
Access Complexity: LOW |
Authentication: SINGLE |
Confidentiality: PARTIAL |
Integrity: PARTIAL |
Availability: PARTIAL |
| |