CVE-1999-1351

CVSS 2.0 Score 5 of 10 (medium)

Details

Published Sep 24, 1999
Updated: Nov 20, 2024

Summary

CVE-1999-1351 is a vulnerability affecting the KVIrc IRC client version 0.9.0. With the "Listen to !nick <soundname> requests" option activated, attackers can exploit a directory traversal flaw to read arbitrary files on the victim's system. This vulnerability arises when the client fails to properly validate user input in a DCC GET request, allowing an attacker to manipulate file paths and gain unauthorized access to sensitive data. This issue poses a significant risk to users who have this option enabled and could result in potential data exposure or system compromise.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share