CVE-2007-5825

by Fred · 05/11/2007

Format string vulnerability in the ws_addarg function in webserver.c in mt-dappd in Firefly Media Server 0.2.4 and earlier allows remote attackers to execute arbitrary code via a stats method action to /xml-rpc with format string specifiers in the (1) username or (2) password portion of base64-encoded data on the "Authorization: Basic" HTTP header line.

Date published : 2007-11-05

http://www.securityfocus.com/bid/26310

http://www.securityfocus.com/archive/1/483214/100/0/threaded

CVE-2007-5825

Similar

Recent Posts

Categories

CVE-2007-5825

Share this:

Similar

Recent Posts

Categories

Tags