
Bug 244666 (CVE-2008-4748)

Summary: net-irc/kvirc "irc://" URI Handling Format String Vulnerability (CVE-2008-4748)
Product: Gentoo Security
Reporter: Matti Bickel (RETIRED) <mabi>
Component: Vulnerabilities
Assignee: Gentoo Security <security>
Status: RESOLVED WONTFIX
Severity: normal
CC: arfrever, bugs, net-irc
Priority: High    
Version: unspecified   
Hardware: All   
OS: Linux   
URL: http://secunia.com/advisories/32410/
Whiteboard: B2 [upstream]
Package list:
Runtime testing required: ---

Description Matti Bickel (RETIRED) gentoo-dev 2008-10-27 18:37:41 UTC
From Secunia:

IMPACT:
DoS, System access

WHERE:
From remote

SOFTWARE:
KVIrc 3.x
http://secunia.com/advisories/product/14634/

DESCRIPTION:
Gjoko 'LiquidWorm' Krstic has discovered a vulnerability in KVIrc,
which potentially can be exploited by malicious people to compromise
a user's system.

The vulnerability is caused due to a format string error while
processing URIs and can be exploited e.g. by tricking a user into
opening a specially crafted "irc://" URI.
Successful exploitation may allow execution of arbitrary code, but
requires that KVIrc is the default handler for IRC URIs.

The vulnerability is confirmed in version 3.4.0 on Windows. Other
versions may also be affected.

SOLUTION:
Do not follow untrusted links or browse untrusted websites.

PROVIDED AND/OR DISCOVERED BY:
Gjoko 'LiquidWorm' Krstic

ORIGINAL ADVISORY:
http://milw0rm.com/exploits/6832
Comment 1 Robert Buchholz (RETIRED) gentoo-dev 2008-10-27 20:35:54 UTC
matti, feel free to cc maintainers and set whiteboard.
Comment 2 Stefan Behte (RETIRED) gentoo-dev Security 2008-10-28 10:00:48 UTC
CVE-2008-4748
Comment 3 mren 2008-12-17 21:44:21 UTC
The devs in #kvirc say it is a Windows-only problem, as it is not KVIrc that is vulnerable but MS Internet Explorer (in that case). A workaround is also included in KVIrc so that this shouldn't be exploitable anymore (on Windows).
I think, this bug can be closed.
Comment 4 Matti Bickel (RETIRED) gentoo-dev 2008-12-20 16:57:26 UTC
Verified and should not affect anybody on our platforms. Closing.