CVE-1999-1351

CVSS 2.0 Score 5 of 10 (medium)

Details

Published Sep 24, 1999

Updated: Nov 20, 2024

Summary

CVE-1999-1351 is a directory traversal vulnerability affecting the KVIrc IRC client version 0.9.0. With the "Listen to !nick <soundname> requests" option enabled, an attacker can manipulate DCC (Direct Client-to-Client) GET requests by using ".." (dot dot) to navigate and read arbitrary files on the target system. This poses a significant security risk as sensitive information could be accessed remotely.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/NWlX1Q
https://www.cve.org/CVERecord?id=CVE-1999-1351
https://nvd.nist.gov/vuln/detail/CVE-1999-1351

Back to Vulnerability Database

CVE-1999-1351

CVSS 2.0 Score 5 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations