Format string vulnerability in the new_warning function in ntserv/warning.c for Netrek Vanilla Server 2.12.0, when EVENTLOG is enabled, allows remote malicious users to cause a denial of service (crash) or execute arbitrary code via format string specifiers in the message handling.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
netrek netrek vanilla server 2.12.0 |