Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-3573

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2006-3573
Last Modified 07 Mar 2011 12:00:00
Published 13 Jul 2006 06:05:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2006-3573

Summary

Format string vulnerability in the WriteText function in agl_text.cpp in Milan Mimica Sparklet 0.9.4 and earlier allows remote attackers to execute arbitrary code via format string specifiers in a player nickname.

Vulnerable Systems

Application

  • Milan Mimica Sparklet 0.9.4


References

XF - sparklet-writetext-format-string(27603)

VUPEN - ADV-2006-2763

VUPEN - ADV-2006-2695

BID - 18949

BID - 18862

BUGTRAQ - 20060706 Format string bug in Sparklet 0.9.4try3

OSVDB - 27038

SECTRACK - 1016443

SECUNIA - 20974

MISC - http://aluigi.altervista.org/adv/sparkletfs-adv.txt


Last Updated: 27 May 2016 10:57:20