Format string vulnerability in SHOUTcast 1.9.4 allows remote attackers to cause a denial of service (application crash) and execute arbitrary code via format string specifiers in a content URL, as demonstrated in the filename portion of a .mp3 file.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Shoutcast_server | Nullsoft | 1.9.4 (including) | 1.9.4 (including) |