CVE-2007-5262

Multiple format string vulnerabilities in Battlefront Dropteam 1.3.3 and earlier allow remote attackers to execute arbitrary code via format string specifiers in the (1) username, (2) password, and (3) nickname fields in a 0x01 packet.

Weakness

The product uses a function that accepts a format string as an argument, but the format string originates from an external source.

Affected Software

Name	Vendor	Start Version	End Version
Dropteam	Battlefront	*	1.3.3 (including)

Potential Mitigations

https://cwe.mitre.org/data/definitions/135.html
https://cwe.mitre.org/data/definitions/67.html

References

http://aluigi.altervista.org/adv/dropteamz-adv.txt
http://secunia.com/advisories/27107
http://securityreason.com/securityalert/3202
http://www.securityfocus.com/archive/1/481616/100/0/threaded
http://www.securityfocus.com/bid/25943
https://exchange.xforce.ibmcloud.com/vulnerabilities/36974
http://aluigi.altervista.org/adv/dropteamz-adv.txt
http://secunia.com/advisories/27107
http://securityreason.com/securityalert/3202
http://www.securityfocus.com/archive/1/481616/100/0/threaded
http://www.securityfocus.com/bid/25943
https://exchange.xforce.ibmcloud.com/vulnerabilities/36974

NVD	https://nvd.nist.gov/vuln/detail/CVE-2007-5262
CWE	https://cwe.mitre.org/data/definitions/134.html

Use of Externally-Controlled Format String

Weakness

Affected Software

Potential Mitigations

Related Attack Patterns

References