CVE-2006-6664

2006-12-2023:00:00

mitre

www.cve.org

7.8 High

AI Score

Confidence

High

0.052 Low

EPSS

Percentile

93.1%

JSON

Format string vulnerability in Marathon Aleph One before 0.17.1 and 2006-12-17 might allow remote attackers to cause a denial of service (application crash) or execute arbitrary code via format string specifiers in the TopLevelLogger::logMessageV function in Misc/Logging.cpp. NOTE: some details were obtained from third party information.

References

marathon.sourceforge.net/release-notes/20061202.html

secunia.com/advisories/23380

sourceforge.net/project/shownotes.php?release_id=471964

sourceforge.net/project/shownotes.php?release_id=471971

www.vupen.com/english/advisories/2006/5064