Format string vulnerability in AMX 0.9.2 and earlier, a plugin for Valve Softwares Half-Life Server, allows remote attackers to execute arbitrary commands via format string specifiers in the amx_say command.
The product uses a function that accepts a format string as an argument, but the format string originates from an external source.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Amx_mod | Amxmod.net | 0.9.2 (including) | 0.9.2 (including) |