CyberSec.Space Logo
Back to CVE Browser

CVE-2004-1214

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1230%
EPSS Percentile5.99th
PublishedJan 10, 2005
Last ModifiedApr 16, 2026

Vulnerability Description

Format string vulnerability in Kreed 1.05 and earlier allows remote attackers to execute arbitrary code via format specifiers in (1) a nickname or (2) message text.

Affected Platforms (CPE)

πŸ“¦
Burut

Kreed

= 1.5

References & Advisories

πŸ”— http://marc.info/?l=bugtraq&m=110201776207915&w=2
πŸ”— http://www.securityfocus.com/bid/11799
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/18343
πŸ”— http://marc.info/?l=bugtraq&m=110201776207915&w=2
πŸ”— http://www.securityfocus.com/bid/11799
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/18343

Related Vulnerabilities

CVE-2004-12155.0

Kreed 1.05 and earlier allows remote attackers to cause a denial of service (server disconnect) via a long UDP packet, which cause...

CVE-2004-12165.0

The scripts that handle players in Kreed 1.05 and earlier allow remote attackers to cause a denial of service (server freeze) via ...

CVE-2004-100610.0

Format string vulnerability in the log functions in dhcpd for dhcp 2.x allows remote DNS servers to execute arbitrary code via cer...

CVE-2004-090410.0

Integer overflow in the bitmap (BMP) decoder for Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird...