CVE-2006-1075

Properties

Published:
07.03.2006
Updated:
09.03.2006
Patch available:
Severity:
High
CVSS vector:
(AV:R/AC:L/Au:NR/C:P/I:P/A:P/B:N)
Product:
Jason Boettcher: Liero Xtreme
Jason Boettcher: Liero Xtreme

Vulnerability description

Format string vulnerability in the visualization function in Jason Boettcher Liero Xtreme 0.62b and earlier allows remote attackers to execute arbitrary code via format string specifiers in (1) a nickname, (2) a dedicated server name, or (3) a mapname in a level (aka .lxl) file.

References:

BUGTRAQ: http://www.securityfocus.com/archive/1/archive/1/426864/100/0/threaded
http://aluigi.altervista.org/adv/lieroxxx-adv.txt: http://aluigi.altervista.org/adv/lieroxxx-adv.txt
FRSIRT: http://www.frsirt.com/english/advisories/2006/0849
SECUNIA: http://secunia.com/advisories/19079