CyberSec.Space Logo
返回 CVE 浏览器

CVE-2004-1214

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1230%
EPSS Percentile5.99th
Published2005年1月10日
Last Modified2026年4月16日

Vulnerability Description

Format string vulnerability in Kreed 1.05 and earlier allows remote attackers to execute arbitrary code via format specifiers in (1) a nickname or (2) message text.

Affected Platforms (CPE)

📦
Burut

Kreed

= 1.5

References & Advisories

🔗 http://marc.info/?l=bugtraq&m=110201776207915&w=2
🔗 http://www.securityfocus.com/bid/11799
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/18343
🔗 http://marc.info/?l=bugtraq&m=110201776207915&w=2
🔗 http://www.securityfocus.com/bid/11799
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/18343

相关漏洞威胁

CVE-2004-12155.0

Kreed 1.05 and earlier allows remote attackers to cause a denial of service (server disconnect) via a long UDP packet, which cause...

CVE-2004-12165.0

The scripts that handle players in Kreed 1.05 and earlier allow remote attackers to cause a denial of service (server freeze) via ...

CVE-2004-100610.0

Format string vulnerability in the log functions in dhcpd for dhcp 2.x allows remote DNS servers to execute arbitrary code via cer...

CVE-2004-041810.0

serve_notify in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, does not properly handle empty data lines, which may allow ...